Mandriva Linux Security Advisory : php (MDVSA-2009:090)
Medium Nessus Plugin ID 37871
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been found and corrected in PHP :
The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function (CVE-2009-1271).
The updated packages have been patched to correct these issues.
SolutionUpdate the affected packages.