Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 10: 2009-3768 Critical: PHP Buffer Overflow And DoS

fedora
Calendar Grey May 29, 2009
Dist Fedora Esm H88
The PHP 5.2.9 release resolves several security issues such as buffer overflow risks and memory exposure flaws, now available for Fedora 10.
Update to PHP 5.2.9 A heap-based buffer overflow flaw was found in PHP's mbstring extension

Summary

ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous

gameplay (tracks almost never exceed one minute). Features: Complex car

physics, Challenging "story mode", LAN and Internet mode, Live scores,

Track editor, Dedicated server with HTTP interface and More than 30 blocks.

Update Information:

Update to PHP 5.2.9 A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP script using mbstring conversion functions could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-5557) A directory traversal flaw was found in PHP's ZipArchive::extractTo function. If PHP is used to extract a malicious ZIP archive, it could allow an attacker to write arbitrary files anywhere the PHP process has write permissions. (CVE-2008-5658) A buffer overflow flaw was found in PHP's imageloadfont function. If a PHP script allowed a remote attacker to load a carefully crafted font file, it could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-3658) A memory disclosure flaw was found in the PHP gd extension's imagerotate function. A remote attacker able to pass arbitrary values as the "background color" argument of the function could, possibly, view portion...

Topics%20covered

Topics Covered

security advisory buffer overflow Fedora PHP update memory disclosure

Change Log

* Thu Apr 16 2009 Remi Collet - 1.2-13 - Rebuild for php 5.2.9 * Sun Feb 15 2009 Hans de Goede 1.2-12 - Fix maniadrive crashing with php 5.2.8 (and later) - Fix maniadrive triggering an assert in the latest ode * Wed Dec 17 2008 Hans de Goede 1.2-11 - Rebuild for new php version

References


[ 1 ] Bug #478425 - CVE-2008-5498 php: libgd imagerotate() array index error memory disclosure https://bugzilla.redhat.com/show_bug.cgi?id=478425 [ 2 ] Bug #494530 - CVE-2009-1271 php: crash on malformed input in json_decode() https://bugzilla.redhat.com/show_bug.cgi?id=494530 [ 3 ] Bug #459529 - CVE-2008-3658 php: buffer overflow in the imageloadfont function in gd extension https://bugzilla.redhat.com/show_bug.cgi?id=459529 [ 4 ] Bug #459572 - CVE-2008-3660 php: FastCGI module DoS via multiple dots preceding the extension https://bugzilla.redhat.com/show_bug.cgi?id=459572 [ 5 ] Bug #452808 - CVE-2008-2829 php: ext/imap legacy routine buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=452808 [ 6 ] Bug #474824 - CVE-2008-5658 php: ZipArchive::extractTo() Directory Traversal Vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=474824 [ 7 ] Bug #478848 - CVE-2008-5557 php: Heap-based buffer overflow in the mbs...

Read the Full Advisory

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update maniadrive' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: maniadrive
Product: Fedora 10
Version: 1.2
Release: 13.fc10
URL: http://maniadrive.raydium.org/
Summary: 3D stunt driving game

Topics%20covered

Topics Covered

security advisory buffer overflow Fedora PHP update memory disclosure

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here