Rapid7 Vulnerability & Exploit Database

SUSE-SA:2006:031: php4,php5 problems

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

SUSE-SA:2006:031: php4,php5 problems

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

06/14/2006

Created

07/25/2018

Added

06/20/2006

Modified

11/18/2015

Description

zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations.

Solution(s)

References

https://attackerkb.com/topics/cve-2006-1990
APPLE-SA-2006-11-28
17843
18294
TA06-333A
CVE - 2006-1990
CVE - 2006-1991
CVE - 2006-2906
CVE - 2006-3017
DSA-1117
DSA-1206
MDKSA-2006:091
25255
26466
OVAL10118
OVAL9696
RHSA-2006:0501
RHSA-2006:0549
RHSA-2006:0567
RHSA-2006:0568
20060701-01-U
SUSE-SA:2006:031
SUSE-SA:2006:034
http://docs.info.apple.com/article.html?artnum=304829
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:091
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:112
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:113
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:122
http://securityreason.com/securityalert/1067
http://support.avaya.com/elmodocs2/security/ASA-2006-160.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-175.htm
http://www.debian.org/security/2006/dsa-1117
http://www.frsirt.com/english/advisories/2006/1500
http://www.frsirt.com/english/advisories/2006/2174
http://www.frsirt.com/english/advisories/2006/4750
http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-04-02
http://www.mandriva.com/security/advisories?name=MDKSA-2006:112
http://www.mandriva.com/security/advisories?name=MDKSA-2006:113
http://www.mandriva.com/security/advisories?name=MDKSA-2006:122
http://www.novell.com/linux/security/advisories/2006_31_php.html
http://www.securityfocus.com/archive/1/436132
http://www.securityfocus.com/archive/1/archive/1/447866/100/0/threaded
http://www.trustix.org/errata/2006/0038
http://www.ubuntu.com/usn/usn-320-1
http://www.ubuntulinux.org/support/documentation/usn/usn-298-1
https://issues.rpath.com/browse/RPL-683
https://issues.rpath.com/browse/RPL-939
26001
26003
26976
27396

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;