[development] Fwd: [SECURITY] [DSA 1206-1] New php4 packages fix several vulnerabilities

Heine Deelstra hdeelstra at gmail.com
Mon Nov 6 21:30:44 UTC 2006

Previous message: [development] Fwd: [SECURITY] [DSA 1206-1] New php4 packages fix several vulnerabilities
Next message: [development] Custom email notification module
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

CVE-2006-5465

   Stefan Esser discovered a buffer overflow in the htmlspecialchars()
   and htmlentities(), which might lead to the execution of arbitrary
   code.

check_plain and xmlrpc use htmlspecialchars.

Heine

Previous message: [development] Fwd: [SECURITY] [DSA 1206-1] New php4 packages fix several vulnerabilities
Next message: [development] Custom email notification module
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the development mailing list