SECUNIA ADVISORY ID: SA22280
VERIFY ADVISORY: http://secunia.com/advisories/22280/
CRITICAL: Moderately critical
IMPACT: DoS, System access
WHERE: From remote
SOFTWARE: PHP 5.1.x - http://secunia.com/product/6796/
DESCRIPTION: A vulnerability has been reported in PHP, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerability is caused by an integer overflow within the "_ecalloc" function. This can potentially be exploited to execute arbitrary code via specially crafted requests if a PHP script allocates memory based on attacker-supplied data.
SOLUTION: The vulnerability has been fixed in the CVS repository: http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_alloc.c?r1=1.161&r2=1.162
PROVIDED AND/OR DISCOVERED BY: Disclosed via vendor CVS commit.
ORIGINAL ADVISORY: http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_alloc.c?r1=1.161&r2=1.162