Buffer overflow in the php_stream_filter_create function in PHP 5 before 5.2.1 allows remote attackers to cause a denial of service (application crash) via a php://filter/ URL that has a name ending in the ‘.’ character.
secunia.com/advisories/25056
secunia.com/advisories/25057
secunia.com/advisories/25062
www.debian.org/security/2007/dsa-1283
www.novell.com/linux/security/advisories/2007_32_php.html
www.php-security.org/MOPB/MOPB-42-2007.html
www.securityfocus.com/bid/23237
www.ubuntu.com/usn/usn-455-1
exchange.xforce.ibmcloud.com/vulnerabilities/33729