PHP Group Plugs Security Holes

The flaws addressed in the PHP 4.4.1 update are rated "moderately critical" and can put users at risk of cross-site scripting attacks.

The open-source PHP Group has shipped a new version of the general-purpose scripting language to fix several potentially serious security vulnerabilities.

The flaws addressed in the PHP 4.4.1 update are rated "moderately critical" by security alerts aggregator Secunia Inc.

In a notice to users, the PHP Development Team said the patch corrects seven flaws and 35 other defects.

The most serious of the bugs could be exploited by malicious hackers to launch cross-site scripting attacks, bypass certain security restrictions, and potentially compromise a vulnerable system.

The patch corrects an error where the "GLOBALS" array is not properly protected.

It can be exploited to define global variables by sending a "multipart/form-data" POST request with a specially crafted file upload field, or via a script calling a certain PHP function.

According to the advisory, successful exploitation may open up for vulnerabilities in various applications.

The PHP update also fixes an error in the handling of an unexpected termination in the "parse_str()" PHP function and an integer overflow error in "pcrelib" that can be exploited to cause a memory corruption.

Successful exploitation may allow execution of arbitrary code, the Group warned.

PHP, a project of the Apache Software Foundation, ships standard with a number of Web servers, including Red Hat Linux.

The programming language has enjoyed phenomenal growth since its creation in 1995 and can be found on more than 22 million domains, according to statistics from Netcraft.

PHP users are strongly urged to update to version 4.4.1.


Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.