[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-hackers] PHP3 vulnerability

From: Jaime E . Villate
Subject: Re: [Savannah-hackers] PHP3 vulnerability
Date: Fri, 1 Mar 2002 10:53:01 +0000
User-agent: Mutt/1.2.5i

On Thu, Feb 28, 2002 at 09:47:13AM +0100, Loic Dachary wrote:
> Mark H. Weaver writes:
>  >    
>  >    PHP 3.10-3.18
>  >    
>  >       - broken boundary check    (hard to exploit)
>  >       - arbitrary heap overflow  (easy exploitable)
>  >    
>       This is us. I'm running a dist-upgrade on savannah + apply the
> fix + re-install from sources. Thanks a lot for the warning.
If I understood the security advisory correctly, we were not in danger because
we do not use web forms for file uploads. But it is good that you have
upgraded to the new version anyway.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]