Max Spelsberg

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.4.42 PHP versions 5.5.x prior to 5.5.26 PHP versions 5.6.x prior to 5.6.10 **Description** The issue is caused by an integer overflow in the `ftp genlist` function, allowing remote FTP servers to execute arbitrary code via a long reply to a LIST command. This leads to a heap-based buffer overflow. The estimated number of potentially affected devices worldwide is not specified. **Recommendations** For PHP versions prior to 5.4.42, update to version 5.4.42 or later. For PHP versions 5.5.x prior to 5.5.26, update to version 5.5.26 or later. For PHP versions 5.6.x prior to 5.6.10, update to version 5.6.10 or later.

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.4.41 PHP versions 5.5.x prior to 5.5.25 PHP versions 5.6.x prior to 5.6.9 **Description** The issue is related to an integer overflow in the `ftp genlist` function, which can be exploited by remote FTP servers. This can lead to a heap-based buffer overflow, allowing the execution of arbitrary code via a long reply to a LIST command. **Recommendations** For PHP versions prior to 5.4.41, update to version 5.4.41 or later. For PHP versions 5.5.x prior to 5.5.25, update to version 5.5.25 or later. For PHP versions 5.6.x prior to 5.6.9, update to version 5.6.9 or later.