CVE-2006-5465 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-5465
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-5465

Description: Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/29971 UBUNTU http://www.ubuntu.com/usn/usn-375-1 TURBO http://www.turbolinux.com/security/2006/TLSA-2006-38.txt TRUSTIX http://www.trustix.org/errata/2006/0061/ SUSE http://www.novell.com/linux/security/advisories/2006_67_php.html ST 1017296 1017152 SGI SAID Secunia Advisory: SA22929 Secunia Advisory: SA22759 Secunia Advisory: SA22713 Secunia Advisory: SA22753 Secunia Advisory: SA22693 Secunia Advisory: SA22688 Secunia Advisory: SA22653 Secunia Advisory: SA23139 Secunia Advisory: SA23155 Secunia Advisory: SA23247 Secunia Advisory: SA22685 Secunia Advisory: SA22779 Secunia Advisory: SA22881 Secunia Advisory: SA24606 Secunia Advisory: SA25047 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0731.html http://www.redhat.com/support/errata/RHSA-2006-0730.html http://rhn.redhat.com/errata/RHSA-2006-0736.html OPENPKG http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.028.html MISC http://www.hardened-php.net/advisory_132006.138.html MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:196 GENTOO http://security.gentoo.org/glsa/glsa-200703-21.xml DEBIAN http://www.debian.org/security/2006/dsa-1206 CONFIRM http://issues.rpath.com/browse/RPL-761 http://docs.info.apple.com/article.html?artnum=304829 http://support.avaya.com/elmodocs2/security/ASA-2006-245.htm http://www.php.net/releases/5_2_0.php CISCO http://www.cisco.com/en/US/products/products_security_response09186a008082c4fe.html http://www.cisco.com/warp/public/707/cisco-air-20070425-http.shtml CERT http://www.us-cert.gov/cas/techalerts/TA06-333A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/453024/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/451098/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/450431/100/0/threaded BID 20879 APPLE http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html

Return to the previous page.