CVE-2011-0421

Priority
Description
The _zip_name_locate function in zip_name_locate.c in the Zip extension in
PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED
argument, which might allow context-dependent attackers to cause a denial
of service (NULL pointer dereference) via an empty ZIP archive that is
processed with a (1) locateName or (2) statName operation.
Assigned-to
mdeslaur
Notes
sbeattiephp 5.1 in dapper did not include the zip library
Package
Upstream:released (0.10)
Patches:
Upstream:http://hg.nih.at/libzip/?fd=13654bfdc88c;file=lib/zip_name_locate.c
Package
Source: php5 (LP Ubuntu Debian)
Upstream:released (5.3.6)
Patches:
Upstream:http://svn.php.net/viewvc/?view=revision&revision=307867
More Information

Updated: 2020-09-10 01:40:13 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)