Launchpad.net

CVE 2008-1384

Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions).

Related bugs and status

CVE-2008-1384 (Candidate) is related to these bugs:

Bug #227464: Please roll out security fixes from PHP 5.2.6

		In	Importance	Status
227464	Please roll out security fixes from PHP 5.2.6	php5 (Ubuntu)	Undecided	Fix Released
227464	Please roll out security fixes from PHP 5.2.6	php5 (Debian)	Unknown	Fix Released
227464	Please roll out security fixes from PHP 5.2.6	Hardy Backports	Undecided	Invalid
227464	Please roll out security fixes from PHP 5.2.6	php5 (Ubuntu Hardy)	Undecided	Fix Released
227464	Please roll out security fixes from PHP 5.2.6	php5 (Ubuntu Dapper)	Undecided	Fix Released
227464	Please roll out security fixes from PHP 5.2.6	php5 (Ubuntu Feisty)	Undecided	Fix Released
227464	Please roll out security fixes from PHP 5.2.6	php5 (Ubuntu Gutsy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

SREASONRES: 20080320 PHP 5.2.5 and...
BID: 28392
CONFIRM: http://wiki.rpath.com/...
CONFIRM: https://issues.rpath.c...
SECUNIA: 30345
CONFIRM: http://wiki.rpath.com/...
SECUNIA: 30411
SUSE: SUSE-SR:2008:014
SECUNIA: 30967
UBUNTU: USN-628-1
SECUNIA: 31200
DEBIAN: DSA-1572
SECUNIA: 30158
MANDRIVA: MDVSA-2009:022
MANDRIVA: MDVSA-2009:023
GENTOO: GLSA-200811-05
SECUNIA: 32746
CONFIRM: http://cvs.php.net/vie...
XF: php-phpsprintfappendst...
BUGTRAQ: 20080321 {securityreas...
BUGTRAQ: 20080523 rPSA-2008-017...
BUGTRAQ: 20080527 rPSA-2008-017...