Fwd: CVE-2010-0397: NULL pointer dereference in PHP's xmlrpc extension

0 views
Skip to first unread message

Oscar Bacelar

unread,
Mar 12, 2010, 2:11:15 PM3/12/10
to ph...@googlegroups.com, phpri...@googlegroups.com


---------- Forwarded message ----------
From: Raphael Geissert <geis...@debian.org>
Date: 2010/3/12
Subject: CVE-2010-0397: NULL pointer dereference in PHP's xmlrpc extension
To: secu...@php.net


Hi,

At http://bugs.debian.org/573573 it has been reported a NULL pointer
dereference in the xmlrpc extension, in a call to estrdup[1]. This bug can at
least be used to perform DoS attacks.

Looking at the code, I can see multiple, similarly affected, calls.

For tracking purposes (and hoping nobody else has run and assigned one
themselves) I've assigned CVE-2010-0397.

[1]
Z_STRVAL_P(method_name_out) = estrdup(XMLRPC_RequestGetMethodName(response));

Kind regards,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net

signature.asc
Reply all
Reply to author
Forward
0 new messages