1
PublicDateAtUSN: 2011-03-19
2
Candidate: CVE-2011-0421
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0421
6
https://usn.ubuntu.com/usn/usn-1126-1
8
The _zip_name_locate function in zip_name_locate.c in the Zip extension in
9
PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED
10
argument, which might allow context-dependent attackers to cause a denial
11
of service (NULL pointer dereference) via an empty ZIP archive that is
12
processed with a (1) locateName or (2) statName operation.
15
sbeattie> php 5.1 in dapper did not include the zip library
17
http://bugs.php.net/bug.php?id=53885
18
https://bugzilla.redhat.com/show_bug.cgi?id=688735
20
Discovered-by: Maksymilian Arciemowicz
24
upstream: http://svn.php.net/viewvc/?view=revision&revision=307867
25
upstream_php5: released (5.3.6)
26
dapper_php5: not-affected
27
hardy_php5: released (5.2.4-2ubuntu5.15)
28
karmic_php5: released (5.2.10.dfsg.1-2ubuntu6.9)
29
lucid_php5: released (5.3.2-1ubuntu4.8)
30
maverick_php5: released (5.3.3-1ubuntu9.4)
31
natty_php5: released (5.3.5-1ubuntu7.1)
32
oneiric_php5: not-affected (5.3.6-11ubuntu1)
33
precise_php5: not-affected (5.3.6-11ubuntu1)
34
quantal_php5: not-affected (5.3.6-11ubuntu1)
35
raring_php5: not-affected (5.3.6-11ubuntu1)
36
devel_php5: not-affected (5.3.6-11ubuntu1)
39
upstream: http://hg.nih.at/libzip/?fd=13654bfdc88c;file=lib/zip_name_locate.c
40
upstream_libzip: released (0.10)
42
hardy_libzip: ignored (reached end-of-life)
43
karmic_libzip: ignored (reached end-of-life)
44
lucid_libzip: ignored (reached end-of-life)
45
maverick_libzip: ignored (reached end-of-life)
46
natty_libzip: ignored (reached end-of-life)
47
oneiric_libzip: ignored (reached end-of-life)
48
precise_libzip: not-affected (0.10-1)
49
quantal_libzip: not-affected (0.10-1)
50
raring_libzip: not-affected (0.10-1)
51
devel_libzip: not-affected (0.10-1)