CERT-In Advisory CIAD-2008-41
Multiple vulnerabilities in PHP
Original issue date: August 20, 2008
Severity Rating: Medium
Systems Affected
- PHP versions prior to 4.4.9
Overview
Multiple vulnerabilities have been reported in PHP because the application fails to perform adequate boundary checks on user-supplied data. A remote attacker could exploit them to cause a Denial of Service.
Description
1. imageloadfont function Buffer Overflow vulnerability
(CVE-2008-3658, CWE-119)
A Buffer Overflow vulnerability has been reported in the “imageloadfont” function in “ext/gd/gd.c” in PHP. A remote attacker can exploit this issue to cause a Denial of Service (crash) via a crafted font file.
2. memnstr function Buffer Overflow vulnerability
(CVE-2008-3659, CWE-119)
A Buffer Overflow vulnerability exists in the “memnstr()” function in PHP. A remote attacker can exploit this issue to cause a Denial of Service (crash) via a delimiter argument to the explode function.
3. Denial of Service Vulnerability (CVE-2008-3660, CWE-20)
A vulnerability has been reported in PHP when it is used as a FastCGI module. A remote attacker could exploit it to cause a denial of service via a request with multiple dots preceding the extension.
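As an added illustration of the boundary checking that item 1 refers to (this is not code from PHP or from CERT-In), the following C function validates a GD bitmap font file's header against the file's actual size before any buffer is sized from it. The header layout follows the PHP manual's description of imageloadfont() font files; little-endian byte order and the names check_font, rd_le32 and font_check are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed layout (PHP manual, imageloadfont): four 32-bit integers
 * (character count, first character code, width, height) followed by
 * nchars*width*height bytes of pixel data. Little-endian assumed here. */
#define FONT_HEADER_LEN 16u

enum font_check { FONT_OK = 0, FONT_TRUNCATED, FONT_BAD_DIMS, FONT_SIZE_MISMATCH };

static uint32_t rd_le32(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Validate a font blob before any allocation or copy uses its header. */
enum font_check check_font(const unsigned char *buf, size_t len)
{
    if (buf == NULL || len < FONT_HEADER_LEN)
        return FONT_TRUNCATED;
    uint32_t nchars = rd_le32(buf);
    uint32_t width  = rd_le32(buf + 8);
    uint32_t height = rd_le32(buf + 12);

    /* Reject zero and anything that would be negative as a signed int. */
    if (nchars == 0 || width == 0 || height == 0 ||
        nchars > INT32_MAX || width > INT32_MAX || height > INT32_MAX)
        return FONT_BAD_DIMS;

    /* width*height fits in 64 bits; check before multiplying by nchars. */
    uint64_t cell = (uint64_t)width * height;
    if (cell > UINT64_MAX / nchars)
        return FONT_BAD_DIMS;

    /* The declared pixel data must match the bytes actually present. */
    if (cell * nchars != (uint64_t)(len - FONT_HEADER_LEN))
        return FONT_SIZE_MISMATCH;
    return FONT_OK;
}

int main(void)
{
    /* Constructed sample: 2 characters of 2x3 pixels, all-zero pixel data. */
    static const unsigned char sample[16 + 12] = {2,0,0,0, 32,0,0,0, 2,0,0,0, 3,0,0,0};
    printf("check_font(sample) = %d\n", (int)check_font(sample, sizeof sample));
    return 0;
}
```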
Solution
Upgrade PHP to version 4.4.9
http://www.php.net/downloads.php#v4
Vendor Information
PHP
http://www.php.net/ChangeLog-4.php#4.4.9
http://news.php.net/php.cvs/52002
References
Secunia
http://secunia.com/advisories/31409/
Juniper Networks
http://www.juniper.net/security/auto/vulnerabilities/vuln30649.html
Gentoo Bugzilla
http://bugs.gentoo.org/show_bug.cgi?id=234102
Openwall
http://www.openwall.com/lists/oss-security/2008/08/08/2
http://www.openwall.com/lists/oss-security/2008/08/13/8
SANS
https://www.sans.org/newsletters/risk/display.php?v=7&i=33#08.33.45
CVE Name
CVE-2008-3658
CVE-2008-3659
CVE-2008-3660
CWE Name
CWE-119
CWE-20
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information

Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
