News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Community News:
PHP Remote Exploit - Floating Point Issue Causes Freeze/Crash
January 06, 2011 @ 08:06:31

As reported by both The Register and Zend, there's a new remote exploit bug that possibly has something to do with the way 32-bit processors handle floating point numbers.

From Zend:

Due to the way the PHP runtime handles internal conversion of floating point numbers, it is possible for a remote attacker to bring down a web application simply by adding a specific parameter to a query string in their web browser.

The bug, found here on bugs.php.net, has been reproduced on Windows and 32-bit linux systems and can cause the server hang and/or crash as a result. The real issue comes from this bug on the x87 FPU design. The bug has already been fixed in the latest SVN versions (including 5.2 that was end-of-life recently). A release to fix the issue should be coming shortly.

0 comments voice your opinion now!
bug crash exploit floating point remote svn


blog comments powered by Disqus

Similar Posts

Felix Geisendorfer's Blog: Release early, Release often, A SVN/FTP Development Task

Johannes Schluter's Blog: Easter - Don't just look for eggs but also for bugs

Matthew Weier O'Phinney's Blog: ZF Subversion Reorganization

Stefan Esser\'s Blog: DokuWiki remote PHP code injection

Zend Developer Zone: Zend Framework Site Gets Bug Tracker, Source Browser.


Community Events

Don't see your event here?
Let us know!


interview library opinion voicesoftheelephpant application community conference symfony2 podcast performance laravel php7 series framework extension release api version introduction example

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework