CVE-2006-4486 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-4486
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4486

Description: Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memory_limit restriction.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-362-1 TURBO http://www.turbolinux.com/security/2006/TLSA-2006-38.txt SUSE http://www.novell.com/linux/security/advisories/2006_52_php.html ST 1016984 SGI SAID Secunia Advisory: SA22069 Secunia Advisory: SA22004 Secunia Advisory: SA21546 Secunia Advisory: SA22225 Secunia Advisory: SA22440 Secunia Advisory: SA22538 Secunia Advisory: SA22487 Secunia Advisory: SA22331 Secunia Advisory: SA25945 REDHAT http://rhn.redhat.com/errata/RHSA-2006-0688.html http://www.redhat.com/support/errata/RHSA-2006-0682.html http://www.redhat.com/support/errata/RHSA-2006-0669.html MISC http://www.hardened-php.net/hphp/changelog.html#hardening_patch_0.4.14 DEBIAN http://www.debian.org/security/2007/dsa-1331 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-223.htm http://support.avaya.com/elmodocs2/security/ASA-2006-222.htm http://support.avaya.com/elmodocs2/security/ASA-2006-221.htm http://www.php.net/release_5_1_6.php http://www.php.net/ChangeLog-5.php#5.1.6 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/447866/100/0/threaded BID 19582

Return to the previous page.