Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service
From: John GALLET <john.gallet () wanadoo fr>
Date: Fri, 27 May 2005 10:24:43 +0200 (CEST)

Hi there,


An iDEFENSE researcher discovered two problems in the image processing
functions of PHP, a server-side, HTML-embedded scripting language, of
which one is present in woody as well.  When reading a JPEG image, PHP
can be tricked into an endless loop due to insufficient input
validation.

I don't see anything in the latest change logs, could anyone please point
me to more information about this error ? Is it located in the GD php
extension ?

Sincerely,
JG



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]