[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service
From: John GALLET <john.gallet@xxxxxxxxxx>
Date: Fri, 27 May 2005 10:24:43 +0200 (CEST)

Hi there,


> An iDEFENSE researcher discovered two problems in the image processing
> functions of PHP, a server-side, HTML-embedded scripting language, of
> which one is present in woody as well.  When reading a JPEG image, PHP
> can be tricked into an endless loop due to insufficient input
> validation.

I don't see anything in the latest change logs, could anyone please point
me to more information about this error ? Is it located in the GD php
extension ?

Sincerely,
JG

References:
- [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service
  - From: Martin Schulze

Prev by Date: Citrix security contact
Next by Date: RE: ACROS Security: HTML Injection in BEA WebLogic Server Console (2)
Previous by thread: [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service
Next by thread: Alwil Software Avast Antivirus Device Driver Memory Overwrite Vulnerability
Index(es):
- Date
- Thread