Re: [development] Fwd: [SECURITY] [DSA 1206-1] New php4 packages fix several vulnerabilities

6 Nov 2006

      CVE-2006-5465

   Stefan Esser discovered a buffer overflow in the htmlspecialchars()
   and htmlentities(), which might lead to the execution of arbitrary
   code.

check_plain and xmlrpc use htmlspecialchars.

Heine

Heine Deelstra