streuner
26-02-2010, 11:44
Package : php
Date : February 23, 2010
_______________________________________________________________________
Problem Description:
A vulnerability has been found and corrected in php:
PHP before 5.2.12 does not properly handle session data,
which has unspecified impact and attack vectors related to (1)
interrupt corruption of the SESSION superglobal array and (2) the
session.save_path directive (CVE-2009-4143).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
The updated packages have been patched to correct this issue.
_______________________________________________________________________
References:
CVE - CVE-2009-4143 (under review) (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143)
(Quelle: securityfocus.com)
mfg streuner
Date : February 23, 2010
_______________________________________________________________________
Problem Description:
A vulnerability has been found and corrected in php:
PHP before 5.2.12 does not properly handle session data,
which has unspecified impact and attack vectors related to (1)
interrupt corruption of the SESSION superglobal array and (2) the
session.save_path directive (CVE-2009-4143).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
The updated packages have been patched to correct this issue.
_______________________________________________________________________
References:
CVE - CVE-2009-4143 (under review) (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4143)
(Quelle: securityfocus.com)
mfg streuner