Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1991

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-1991
Last Modified 13 Jun 2011 12:00:00
Published 24 Apr 2006 07:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1991

Summary

The substr_compare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service (memory access violation) via an out-of-bounds offset argument.

Vulnerable Systems

Application

  • Php 5.1.2


References

SECUNIA - 20269

XF - php-substrcompare-length-dos(26003)

VUPEN - ADV-2006-1500

UBUNTU - USN-320-1

SUSE - SUSE-SA:2006:031

MANDRAKE - MDKSA-2006:091

MISC - http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-04-02

SECTRACK - 1015979

GENTOO - GLSA-200605-08

SECUNIA - 21125

SECUNIA - 20676

SECUNIA - 20052


Last Updated: 27 May 2016 10:42:16