Disputed / BOGUS

PHP 5.6.4 CORE Uninitialized pointer read

Published
Credit
Risk
2015.01.09
internot
Low
CWE
CVE
Local
Remote
N/A
N/A
Yes
No

Hi,

In /ext/standard/url_scanner_ex.re, there is an uninitialized pointer read:

54 char *lasts;

[..]

72 for (key = php_strtok_r(tmp, ",", &lasts);



Thanks,

References:

http://git.php.net/?p=php-src.git;a=commit;h=f3ea1b0b6a42a08093bf9191ad76fb4b5e0a653b
https://bugs.php.net/bug.php?id=68694&edit=2


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com