According to: http://security.e-matters.de/advisories/012002.html
"Finally I want to mention that most of these vulnerabilities are exploitable only on linux or solaris. But the heap off by one is only exploitable on x86 architecture and the arbitrary heap overflow in PHP3 is exploitable on most OS and architectures. (This includes *BSD) " This means non-linux platforms are also affected. (Windows included) -Rob Z. -----Original Message----- From: Julio Nobrega Trabalhando [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 4:13 PM To: [EMAIL PROTECTED] Subject: [PHP] Re: Did everybody see the security warning at php.net? Yes :-) http://www1.dshield.org/pipermail/vuln/2002-February/000007.html http://developers.slashdot.org/article.pl?sid=02/02/27/1845238&mode=thread&t id=169 http://security.e-matters.de/advisories/012002.html http://www.newsbytes.com/news/02/174818.html Doesn't affect Windows, right? -- Julio Nobrega. Um dia eu chego lá: http://sourceforge.net/projects/toca Ajudei? Salvei? Que tal um presentinho? http://www.submarino.com.br/wishlistclient.asp?wlid=664176742884 "Robert V. Zwink" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > http://www.php.net/ > > [27-Feb-2002] Due to a security issue found in all versions of PHP > (including 3.x and 4.x), a new version of PHP has been released. Details > about the security issue are available here. All users of PHP are strongly > encouraged to either upgrade to PHP 4.1.2, or install the patch (available > for PHP 3.0.18, 4.0.6 and 4.1.0/4.1.1). > > http://security.e-matters.de/advisories/012002.html > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
