News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Community News:
Avaya Products PHP Multiple Vulnerabilities
November 06, 2007 @ 07:56:00

As mentioned in this new security advisory from Avaya, there's a risk that the PHP version included with their Messaging systems could provide a hole for a would-be attacker to gain access.

Issues have been reported in the following:

  • integer overflow vulnerabilities in the PHP gd extension
  • integer overflow vulnerability in the PHP chunk_split function
  • a security update has introduced a bug into PHP session cookie handling
  • vulnerability in the PHP money_format function
  • vulnerability in the PHP wordwrap function
  • vulnerability in PHP session cookie handling
  • vulnerability in the PHP gc extension

The advisory contains links to more information from RedHat on these issues and includes a list of systems effected as well as recommended actions to take.

0 comments voice your opinion now!
secunia advisory avaya security messaging secunia advisory avaya security messaging


blog comments powered by Disqus

Similar Posts

Hardened-PHP Project: Advisory - PHProjekt (Remote) Include Vulnerabilities

Christopher Kunz\'s Blog: Hardened-PHP Advisory 22/2005 - phpSysInfo

Smackdown Blog: Rackspace Hacked Clients, Check Your Databases: Wordpress "wp_optimize" Backdoor

Christian Wenz's Blog: SANS Top-20 Internet Security Attack Targets (2006 Annual Update)

PHP.net: PHP 5.3.2 Release Announcement


Community Events

Don't see your event here?
Let us know!


opinion laravel5 install example release podcast library framework voicesoftheelephpant unittest php7 introduction language extension series interview laravel api community xdebug

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework