PHPDeveloper.org: Community News: Avaya Products PHP Multiple Vulnerabilities

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

Recent Jobs

Job Posting: TEKSystems (Recruiter) Seeks PHP Web Application Developers (Tampa, FL)

Job Posting: Quinstreet, Inc. Seeks Sr. PHP Developer (Foster City, CA)

Job Posting: WideEye Interactive/Moroch Advertising Seeks Web Developer (Dallas, TX)

Job Posting: Project People Ltd (Recruiter) Seeks PHP Developer (Paris, France)

Job Posting: Snelling (Recruiter) Seeks Web Programmer (Boston, MA)

Job Posting: Veedow Seeks Senior PHP Developer/Architect (London, UK)

Job Posting: Apex Systems (Recruiter) Seeks PHP Web Developers (Tampa, FL)

Job Posting: WordStream Seeks Web Application Developer (Needham, MA)

Job Posting: JS Creative Seeks Web Developer (Atlanta, GA)

Job Posting: Kodak Graphic Communications Group Seeks PHP Application Developer (Stamford, CT)

News Archive

Till's Blog: ZendFramework (performance) II

Sebastian Bergmann's Blog: Freezing and Thawing PHP Objects

Jani Hartikainen's Blog: NetBeans 6.5 review (with PHP support)

Rob Allen's Blog: File uploads with Zend_Form_Element_File

PHPro.org: Calculate Friday The 13th With Datetime Class

Marco Tabini's Blog: It turns out, I was wrong

Community News: Latest PEAR Releases for 12.01.2008

Site News: Job Postings for the week of 11.23.2008

KillerPHP.com: Creating a Wordpress Theme from Scratch (Video)

Chris Hartjes' Blog: Handling Multiple Environments In Your PHP Application

Community News:
Avaya Products PHP Multiple Vulnerabilities

by Chris Cornutt November 06, 2007 @ 07:56:00

As mentioned in this new security advisory from Avaya, there's a risk that the PHP version included with their Messaging systems could provide a hole for a would-be attacker to gain access.

Issues have been reported in the following:

integer overflow vulnerabilities in the PHP gd extension
integer overflow vulnerability in the PHP chunk_split function
a security update has introduced a bug into PHP session cookie handling
vulnerability in the PHP money_format function
vulnerability in the PHP wordwrap function
vulnerability in PHP session cookie handling
vulnerability in the PHP gc extension

The advisory contains links to more information from RedHat on these issues and includes a list of systems effected as well as recommended actions to take.

0 comments voice your opinion now!
secunia advisory avaya security messaging secunia advisory avaya security messaging

Similar Posts

Codewalkers.com: New Tutorial - Coding \"Best Practices\" - or at least \"Better Practices\"

Secunia.com: Debian update for PHP5

Community News: WordPress 2.0.6 Released to Resolve Security Issues

Hardened-PHP Project: Advisory - phpMyAdmin Multiple CSRF Vulnerabilities

Trevor Lowing\'s Blog: Cluesheet - Tips for PHP Developers

Community Events

Don't see your event here?
Let us know!

All content copyright, 2008 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework