oss-sec mailing list archives

Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8

From: Pierre Joye <pierre.php () gmail com>
Date: Sun, 25 Sep 2011 19:22:19 +0200

On Sun, Sep 25, 2011 at 6:38 PM, Rasmus Lerdorf <rasmus () php net> wrote:

So
are we talking about the tiny number of people who have explicitly
enabled allow_url_include and are running the code with this bad autoloader?


Yes, and that's why it is a very very minor problem. However it was
not happening before the code change. The few cases where the class
names&co have been sanitize before and the developer did not think
about cases like the one describe in the blog post. I think it is even
more rare combination, but it was not happening before our change.


-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org

Current thread:

CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Vincent Danen (Sep 24)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Stas Malyshev (Sep 25)
  - Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 25)
    - Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Stas Malyshev (Sep 25)
    - Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 25)
    - Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Stas Malyshev (Sep 25)
    - Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 25)
    - RE: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Zeev Suraski (Sep 25)
    - Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 25)
    - Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Rasmus Lerdorf (Sep 25)
    - Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 25)
    - Re: Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Vincent Danen (Sep 26)
    - Re: Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Johannes Schlüter (Sep 26)
    - Re: Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 26)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Pierre Joye (Sep 25)
- Re: CVE request: is_a() function may allow arbitrary code execution in PHP 5.3.7/5.3.8 Josh Bressers (Sep 27)