Title: PHP 4.0.3 IMAP Module Buffer Overflow Vulnerability
Severity: HIGH
Description:
PHP is a freely available, open source web scripting language package. It is available for Microsoft Windows, Linux, and Unix operating systems.
A vulnerability has been discovered in PHP 4.0.3. The problem occurs in the imap module. It has been reported that a buffer overflow occurs in the imap_open() function due to insufficient sanitization of externally supplied data. The PHP imap_open() function is used to open a connection to a mail server and may potentially be utilized in various types of applications, including webmail systems.
It may be possible to exploit this issue to crash a vulnerable PHP application. Although it has not yet been confirmed it may also be possible to exploit this vulnerability to execute arbitrary code in the context of an application which uses the vulnerable function.
Affected Products:
- Debian Linux 2.2.0
- Debian Linux 2.2.0 68k
- Debian Linux 2.2.0 IA-32
- Debian Linux 2.2.0 alpha
- Debian Linux 2.2.0 arm
- Debian Linux 2.2.0 powerpc
- Debian Linux 2.2.0 sparc
- PHP PHP 4.0.3
- Sun Cobalt Control Station 4100CS
- Sun Cobalt Qube3 Japanese 4000WGJ
- Sun Cobalt Qube3 Japanese w/ Caching and RAID 4100WGJ
- Sun Cobalt Qube3 Japanese w/Caching 4010WGJ
- Sun Cobalt RaQ XTR 3500R
- Sun Cobalt RaQ XTR Japanese 3500R-ja
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
