There are several security vulnerabilities in PHP:1) A response-splitting issue was discovered in the PHP session handling;2) A buffer overflow was discovered in the PHP sscanf() function;3) An interger overflow was discovered in the PHP wordwrap() and str_repeat() functions; 4) A buffer overflow was discovered in the PHP gd extension; and5) A interger overflow was discovered in the PHP memory allocation handling. The risk is LOW. 1) A remote attacker can force a carefully crafted session identifier to be used, a cross-site-scripting or response-splitting attack could be possible;2) A remote attacker sending a carefully crafted request could execute arbitrary code as the 'apache' user;3) A remote attacker sending a carefully crafted request might be able to cause a heap overflow; and4) On 64-bit platforms, the "memory_limit" setting was not enforced correctly, which could allow a denial of service attacker by a remote user.
More...
