ID CVE-2007-1889
Summary Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msg_receive with the largest positive integer value of maxsize.
References
Vulnerable Configurations
  • cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 29-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 23238
debian DSA-1283
misc
secunia
  • 25056
  • 25062
suse SUSE-SA:2007:032
xf zend-zendmmallocint-bo(33770)
statements via4
contributor Mark J Cox
lastmodified 2007-04-16
organization Red Hat
statement Not vulnerable. These issues did not affect the versions of PHP as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5, Stronghold 4.0, or Red Hat Application Stack 1.
Last major update 29-07-2017 - 01:31
Published 06-04-2007 - 01:19
Last modified 29-07-2017 - 01:31
Back to Top