FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

php5 -- Heap based buffer overflow in quoted_printable_encode

Affected packages
php5 < 5.4.16
php53 < 5.3.26

Details

VuXML ID 59e7163c-cf84-11e2-907b-0025905a4770
Discovery 2013-06-06
Entry 2013-06-07

The PHP development team reports:

A Heap-based buffer overflow flaw was found in the php quoted_printable_encode() function. A remote attacker could use this flaw to cause php to crash or execute arbirary code with the permission of the user running php

References

CVE Name CVE-2013-2110
URL https://bugzilla.redhat.com/show_bug.cgi?id=964969