[security-alerts] FW: [SA22653] PHP "htmlentities()" and "htmlspecialchars()" Buffer Overflows

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> ----------------------------------------------------------------------
> 
> TITLE:
> PHP "htmlentities()" and "htmlspecialchars()" Buffer Overflows
> 
> SECUNIA ADVISORY ID:
> SA22653
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/22653/
> 
> CRITICAL:
> Highly critical
> 
> IMPACT:
> DoS, System access
> 
> WHERE:
> From remote
> 
> SOFTWARE:
> PHP 4.0.x
> http://secunia.com/product/1655/
> PHP 4.1.x
> http://secunia.com/product/1654/
> PHP 4.2.x
> http://secunia.com/product/105/
> PHP 4.3.x
> http://secunia.com/product/922/
> PHP 4.4.x
> http://secunia.com/product/5768/
> PHP 5.0.x
> http://secunia.com/product/3919/
> PHP 5.1.x
> http://secunia.com/product/6796/
> 
> DESCRIPTION:
> Some vulnerabilities have been reported in PHP, which can be
> exploited by malicious people to cause a DoS (Denial of Service) or
> potentially compromise a vulnerable system.
>  
> The vulnerabilities are caused due to boundary errors within the
> "htmlentities()" and "htmlspecialchars()" functions. If a PHP
> application uses these functions to process user-supplied input, this
> can be exploited to cause buffer overflows by passing specially
> crafted data to the affected application.
> 
> Successful exploitation may allow execution of arbitrary code.
> 
> SOLUTION:
> Fixes are available in the CVS repository.
> 
> PROVIDED AND/OR DISCOVERED BY:
> Stefan Esser
> 
> ORIGINAL ADVISORY:
> http://www.ubuntu.com/usn/usn-375-1
>