Skip to content
Commit 8d50adfe authored by Yue Tao's avatar Yue Tao Committed by Martin Jansa
Browse files

modphp: Security Advisory - php - CVE-2014-3597 

Multiple buffer overflows in the php_parserr function in
ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow
remote DNS servers to cause a denial of service (application crash) or
possibly execute arbitrary code via a crafted DNS record, related to the
dns_get_record function and the dn_expand function. NOTE: this issue
exists because of an incomplete fix for CVE-2014-4049.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3597



Signed-off-by: default avatarYue Tao <Yue.Tao@windriver.com>
Signed-off-by: default avatarMartin Jansa <Martin.Jansa@gmail.com>
parent 700078d6
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment