Home page logo

oss-sec logo oss-sec mailing list archives

CVE request for PHP 5.3.x Corrupted $_FILES indices lead to security concern
From: Kurt Seifried <kseifried () redhat com>
Date: Thu, 08 Mar 2012 13:56:26 -0700

Just looking through http://www.php.net/ChangeLog-5.php#5.4.0

Fixed bug #55500 (Corrupted $_FILES indices lead to security concern).

(still locked)

But the blog posting:


has details and it appears to be a security issue. I have emailed
security () php net twice, no response in a week so I'm sending the request
to OSS-sec.

Kurt Seifried Red Hat Security Response Team (SRT)

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]