LinuxSecurity.com: Daniel Papasian discovered a stack-based buffer overflow in the apc_search_paths() function in APC that can be triggered when processing long filenames. A remote attacker could exploit this vulnerability to execute arbitrarty code in PHP applications that pass user-controlled input to the include() function. The updated packages have been patched to correct these issues.
More...