CVE-2011-1938

Published: May 31, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://svn.php.net/viewvc?view=revision&revision=311369

x_refsource_CONFIRM

HPSBOV02763

vendor-advisory

x_refsource_HP

http://support.apple.com/kb/HT5130

x_refsource_CONFIRM

49241

vdb-entry

x_refsource_BID

MDVSA-2011:165

vendor-advisory

x_refsource_MANDRIVA

[oss-security] 20110524 Re: CVE request: PHP socket_connect() - stack buffer overflow

mailing-list

x_refsource_MLIST

DSA-2399

vendor-advisory

x_refsource_DEBIAN

http://svn.php.net/viewvc/php/php-src/trunk/ext/sockets/sockets.c?r1=311369&r2=311368&pathrev=311369

x_refsource_CONFIRM

APPLE-SA-2012-02-01-1

vendor-advisory

x_refsource_APPLE

72644

vdb-entry

x_refsource_OSVDB

SSRT100826

vendor-advisory

x_refsource_HP

8294

third-party-advisory

x_refsource_SREASON

17318

exploit

x_refsource_EXPLOIT-DB

RHSA-2011:1423

vendor-advisory

x_refsource_REDHAT

http://www.php.net/ChangeLog-5.php#5.3.7

x_refsource_CONFIRM

8262

third-party-advisory

x_refsource_SREASON

http://www.php.net/archive/2011.php#id2011-08-18-1

x_refsource_CONFIRM

[oss-security] 20110523 CVE request: PHP socket_connect() - stack buffer overflow

mailing-list

x_refsource_MLIST

php-socketconnect-bo(67606)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2011-1938

Description

Affected Products

References