Great Reviews!Need help setting up your website, installing Apache, PHP, MySQL, or PhpNuke?Need help customizing or designing scripts?Please contact me via the Contact Us option for further details and pricing.
DESCRIPTION: Several vulnerabilities have been reported in PHP. Some have unknown impacts, while others can be exploited to disclose potentially sensitive information or bypass certain security restrictions. Other issues which may be security related have also been reported.
NOTE: Some issues can be triggered remotely under certain circumstances.
1) The "safe_mode" and "open_basedir" protection mechanisms can be bypassed via the session extension.
2) Unspecified overflows can be exploited to cause a stack corruption in the session extension.
3) Stack overflows exist in the "zip", "imap", and "sqlite" extensions.
4) A boundary error within the stream filters can be exploited to cause a buffer overflow.
5) An unspecified overflow exist in the " tr_replace()" function.
6) An unspecified error in the wddx extension can be exploited to disclose potentially sensitive information.
7) An format string error exists in the *print() functions on 64-bit systems.
8) Boundary errors exist within the "mail()" and the "ibase_add_user()", "ibase_delete_user()", and "ibase_modify_user()" and can be exploited to cause buffer overflows.
9) An format string error exists in the odbc_result_all() function.
SOLUTION:
Update to version 4.4.5.
Update to version 5.2.1.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://www.php.net/releases/5_2_1.php
Posted on Friday, February 09, 2007 @ 08:38:18 EST by Raven
![[Valid RSS]](http://ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
