CVE-2008-2050

Publication date 5 May 2008

Last updated 24 July 2024

Ubuntu priority

Low

Why this priority?

Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors.

Read the notes from the security team

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
php5 8.04 LTS hardy
Fixed 5.2.4-2ubuntu5.3
7.10 gutsy
Fixed 5.2.3-1ubuntu6.4
7.04 feisty
Fixed 5.2.1-0ubuntu1.6
6.06 LTS dapper
Not affected

Notes

jdstrand

from redhat bug: Since the FastCGI server is local trusted code and not under the control of an attacker Dapper not affected (code does not exist)

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
php5

References

Related Ubuntu Security Notices (USN)

Other references