ID CVE-2007-1886
Summary Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."
References
Vulnerable Configurations
  • cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 29-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
hp
  • HPSBMA02215
  • HPSBTU02232
  • SSRT071423
  • SSRT071429
misc http://www.php-security.org/MOPB/MOPB-39-2007.html
secunia
  • 25423
  • 25850
vupen
  • ADV-2007-1991
  • ADV-2007-2374
xf php-strreplace-single-unspecified(33768)
statements via4
contributor Joshua Bressers
lastmodified 2007-11-30
organization Red Hat
statement We do not consider this flaw to be a security issue as it is only exploitable by the script author. No trust boundary is crossed. For more information please see: https://bugzilla.redhat.com/show_bug.cgi?id=mopb#c37
Last major update 29-07-2017 - 01:31
Published 06-04-2007 - 01:19
Last modified 29-07-2017 - 01:31
Back to Top