Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2008-5557
Description:Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion, related to the (1) mb_convert_encoding, (2) mb_check_encoding, (3) mb_convert_variables, and (4) mb_parse_str functions.
Test IDs:  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-5557
BugTraq ID: 32948
Bugtraq: 20090302 rPSA-2009-0035-1 php php-cgi php-imap php-mcrypt php-mysql php-mysqli php-pgsql php-soap php-xsl php5 php5-cgi php5-imap php5-mcrypt php5-mysql php5-mysqli php5-pear php5-pgsql php5-soap php5-xsl (Google Search)
Cert/CC Advisory: TA09-133A
Debian Security Information: DSA-1789 (Google Search)
HPdes Security Advisory: HPSBMA02492
HPdes Security Advisory: HPSBUX02431
HPdes Security Advisory: HPSBUX02465
HPdes Security Advisory: SSRT090085
HPdes Security Advisory: SSRT090192
HPdes Security Advisory: SSRT100079
RedHat Security Advisories: RHSA-2009:0350
SuSE Security Announcement: SUSE-SR:2009:004 (Google Search)
SuSE Security Announcement: SUSE-SR:2009:008 (Google Search)
XForce ISS Database: php-multibyte-bo(47525)

© 1998-2021 E-Soft Inc. All rights reserved.