SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Cute PHP Library Vendors:   meindlSOFT
Cute PHP Library (cphplib) May Incorrectly Validate Parameters
SecurityTracker Alert ID:  1011076
SecurityTracker URL:  http://securitytracker.com/id/1011076
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Aug 27 2004
Impact:   Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 0.46 and prior versions
Description:   A vulnerability was reported in the Cute PHP Library (cphplib). The library may incorrectly validate certain parameters.

The vendor reported that some of the library functions to validate parameters (e.g., password, e-mail address, phone number) contains flawed regular expression statements. The library's validation functions may not perform properly and may validate parameter contents that are invalid.

Applications that use the library may be adversely affected if using the validation functions for security relevant processing. The specific impact depends on the application using the affected functions.

The flaw resides in 'cphplib.inc'.

Impact:   An application that uses the library may be adversely affected if using the validation functions for security relevant processing. The specific impact depends on how the application uses the affected functions.
Solution:   The vendor has released a fixed version (0.47), available at:

http://www.meindlsoft.com/cphplib_download.php

Vendor URL:  www.meindlsoft.com/cphplib.php (Links to External Site)
Cause:   State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC