cpe:/a:php:php:5.3.3 cpe:/a:php:php:5.3.4 cpe:/a:php:php:5.3.5 cpe:/a:php:php:5.3.6 CVE-2011-1938 2011-05-31T16:55:05.220-04:00 2017-08-16T21:34:28.277-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2011-06-01T14:25:00.000-04:00 EXPLOIT-DB 17318 BID 49241 OSVDB 72644 SREASON 8262 SREASON 8294 APPLE APPLE-SA-2012-02-01-1 DEBIAN DSA-2399 IAVM IAVM:2012-B-0056 MANDRIVA MDVSA-2011:165 REDHAT RHSA-2011:1423 HP SSRT100826 MLIST [oss-security] 20110523 CVE request: PHP socket_connect() - stack buffer overflow MLIST [oss-security] 20110524 Re: CVE request: PHP socket_connect() - stack buffer overflow CONFIRM http://support.apple.com/kb/HT5130 CONFIRM http://svn.php.net/viewvc/php/php-src/trunk/ext/sockets/sockets.c?r1=311369&r2=311368&pathrev=311369 CONFIRM http://svn.php.net/viewvc?view=revision&revision=311369 CONFIRM http://www.php.net/ChangeLog-5.php#5.3.7 CONFIRM http://www.php.net/archive/2011.php#id2011-08-18-1 XF php-socketconnect-bo(67606) Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.