CVE-2006-1490
Published: Mar 29, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safety" issue. NOTE: this issue has been referred to as a "memory leak," but it is an information leak that discloses memory contents.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
| Reference | Tags |
|---|---|
| MDKSA-2006:063 | vendor-advisory, x_refsource_MANDRIVA |
| oval:org.mitre.oval:def:11084 | vdb-entry, signature, x_refsource_OVAL |
| ADV-2006-4750 | vdb-entry, x_refsource_VUPEN |
| 20060328 Critical PHP bug - act ASAP if you are running web with sensitive data | mailing-list, x_refsource_BUGTRAQ |
| 19499 | third-party-advisory, x_refsource_SECUNIA |
| 17296 | vdb-entry, x_refsource_BID |
| 20210 | third-party-advisory, x_refsource_SECUNIA |
| http://docs.info.apple.com/article.html?artnum=304829 | x_refsource_CONFIRM |
| RHSA-2006:0276 | vendor-advisory, x_refsource_REDHAT |
| GLSA-200605-08 | vendor-advisory, x_refsource_GENTOO |
| 19570 | third-party-advisory, x_refsource_SECUNIA |
| php-htmlentitydecode-information-disclosure(25508) | vdb-entry, x_refsource_XF |
| 19383 | third-party-advisory, x_refsource_SECUNIA |
| USN-320-1 | vendor-advisory, x_refsource_UBUNTU |
| 23155 | third-party-advisory, x_refsource_SECUNIA |
| 19979 | third-party-advisory, x_refsource_SECUNIA |
| 20951 | third-party-advisory, x_refsource_SECUNIA |
| 21125 | third-party-advisory, x_refsource_SECUNIA |
| http://support.avaya.com/elmodocs2/security/ASA-2006-129.htm | x_refsource_CONFIRM |
| 20060328 Re: [Full-disclosure] Critical PHP bug - act ASAP if you are running web with sensitive data | mailing-list, x_refsource_BUGTRAQ |
| 19832 | third-party-advisory, x_refsource_SECUNIA |
| APPLE-SA-2006-11-28 | vendor-advisory, x_refsource_APPLE |
| TA06-333A | third-party-advisory, x_refsource_CERT |
| http://bugs.gentoo.org/show_bug.cgi?id=127939 | x_refsource_CONFIRM |
| 20052 | third-party-advisory, x_refsource_SECUNIA |
| 2006-0020 | vendor-advisory, x_refsource_TRUSTIX |
| ADV-2006-2685 | vdb-entry, x_refsource_VUPEN |
| SUSE-SA:2006:024 | vendor-advisory, x_refsource_SUSE |
| ADV-2006-1149 | vdb-entry, x_refsource_VUPEN |