PT-2006-3922 · Php+1 · Php+1

Stefan Esser

Publicado

2006-06-14

Atualizado

2018-10-30

CVE-2006-3017

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions PHP versions prior to 4.4.3 PHP versions 5.x prior to 5.1.3

Description The issue is related to the zend hash del key or index function in zend hash.c, which can cause zend hash del to delete the wrong element. This prevents a variable from being unset even when the PHP unset function is called, potentially allowing the variable's value to be used in security-relevant operations.

Recommendations For PHP versions prior to 4.4.3, update to version 4.4.3 or later to resolve the issue. For PHP versions 5.x prior to 5.1.3, update to version 5.1.3 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-3017

DSA-1206-1

RHSA-2006:0568

RHSA-2006_0568

Produtos afetados

Php

Red Hat

PT-2006-3922 · Php+1 · Php+1

CVE-2006-3017

Identificadores relacionados

Produtos afetados

Referências · 50