Home Corporate Website Jobs  Mailing Lists RSS Blog  Online Shop Advertise
	Software Inspectors   Scan Online   Personal (PSI)   Network (NSI 2.0) Solutions For   Security Professionals   Security Vendors Free Solutions For   Open Communities   Journalists & Media Secunia Advisories   Search   Historic Advisories   Listed By Product   Listed By Vendor   Statistics / Graphs   Secunia Research   Report Vulnerability   About Advisories Virus Information   Chronological List   Last 10 Virus Alerts   About Virus Information Secunia Customers   Customer Area CVE Reference: CVE-2006-1490 NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. Original Page at CVE MITRE: CVE-2006-1490 Description: PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safety" issue. NOTE: this issue has been referred to as a "memory leak," but it is an information leak that discloses memory contents. CVE Status: Candidate References: XF   http://xforce.iss.net/xforce/xfdb/25508 UBUNTU   http://www.ubuntu.com/usn/usn-320-1 TRUSTIX   http://www.trustix.org/errata/2006/0020 SUSE   http://www.novell.com/linux/security/advisories/05-05-2006.html SGI SAID   Secunia Advisory: SA20951   Secunia Advisory: SA23155   Secunia Advisory: SA19570   Secunia Advisory: SA19832   Secunia Advisory: SA19383   Secunia Advisory: SA19499   Secunia Advisory: SA19979   Secunia Advisory: SA20052   Secunia Advisory: SA20210   Secunia Advisory: SA21125 REDHAT   http://rhn.redhat.com/errata/RHSA-2006-0276.html MISC   http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/html.c?view=log   http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/html.c?r1=1.112&r2=1.113 MANDRIVA   http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:063 GENTOO   http://security.gentoo.org/glsa/glsa-200605-08.xml CONFIRM   http://docs.info.apple.com/article.html?artnum=304829   http://support.avaya.com/elmodocs2/security/ASA-2006-129.htm   http://bugs.gentoo.org/show_bug.cgi?id=127939 CERT   http://www.us-cert.gov/cas/techalerts/TA06-333A.html BUGTRAQ   http://www.securityfocus.com/archive/1/archive/1/429162/100/0/threaded   http://www.securityfocus.com/archive/1/archive/1/429164/100/0/threaded BID   17296 APPLE   http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html Return to the previous page. Secunia PSI Scan | Patch | Track Free Download Secunia Poll Do you think it's important to read Setup/User Guides for applications for use within your network? Yes, I do it all the time Yes, but I do it rarely No See Results    Most Popular Advisories 1. HP OpenView Select Identity Connectors Information Disclosure 2. rPath update for libtiff 3. Cisco ASA and PIX Security Appliances Multiple Vulnerabilities 4. Gentoo update for realplayer 5. Gentoo update for yelp 6. Gentoo update for dnsmasq 7. Gentoo update for mysql 8. Cisco Secure ACS EAP Packet Denial of Service 9. SUSE update for IBMJava5-JRE and java-1_5_0-ibm 10. IBM AIX "swcons" Command Privilege Escalation Vulnerability
Vulnerability Management - Terms & Conditions - Copyright 2002-2008 Secunia - Compliance - Contact Secunia