1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
Candidate: CVE-2011-0755
PublicDate: 2011-02-02
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0755
Description:
Integer overflow in the mt_rand function in PHP before 5.3.4 might make it
easier for context-dependent attackers to predict the return values by
leveraging a script's use of a large max parameter, as demonstrated by a
value that exceeds mt_getrandmax.
Ubuntu-Description:
Notes:
mdeslaur> isn't a security issue...arguments are under script author's
mdeslaur> control. Marking as ignored.
Bugs:
Priority: low
Discovered-by:
Assigned-to:
Patches_php5:
upstream_php5: released (5.3.4)
dapper_php5: ignored
hardy_php5: ignored
karmic_php5: ignored
lucid_php5: ignored
maverick_php5: ignored
devel_php5: not-affected (5.3.5-1ubuntu1)
|