Launchpad CVE tracker

CVE 2009-4018

The proc_open function in ext/standard/proc_open.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, as demonstrated by a crafted value of the LD_LIBRARY_PATH environment variable.

Related bugs and status

CVE-2009-4018 (Candidate) is related to these bugs:

Bug #239513: [SRU] stack smashing detected when calling xmlrpc_set_type

		In	Importance	Status
239513	[SRU] stack smashing detected when calling xmlrpc_set_type	php5 (Ubuntu)	Undecided	Fix Released
239513	[SRU] stack smashing detected when calling xmlrpc_set_type	php	Unknown	Unknown
239513	[SRU] stack smashing detected when calling xmlrpc_set_type	php5 (Ubuntu Hardy)	Undecided	Fix Released
239513	[SRU] stack smashing detected when calling xmlrpc_set_type	php5 (Ubuntu Intrepid)	Undecided	Fix Released
239513	[SRU] stack smashing detected when calling xmlrpc_set_type	php5 (Ubuntu Jaunty)	Undecided	Fix Released

Bug #446313: [ffe] security upgrade to php 5.2.11

Summary				In	Importance	Status
	446313	[ffe] security upgrade to php 5.2.11		php5 (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2009-4018

References