Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4659

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-4659
Last Modified 07 Mar 2011 09:58:57
Published 04 Sep 2007 06:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4659

Summary

The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors.

Vulnerable Systems

Application

  • Php 5.2.3


References

CONFIRM - http://www.php.net/ChangeLog-5.php#5.2.4

SECUNIA - 26642

VUPEN - ADV-2007-3023

CONFIRM - http://www.php.net/releases/5_2_4.php

CONFIRM - https://issues.rpath.com/browse/RPL-1702

CONFIRM - https://issues.rpath.com/browse/RPL-1693

XF - php-zendalterinientry-unspecified(36380)

TRUSTIX - 2007-0026

GENTOO - GLSA-200710-02

DEBIAN - DSA-1444

SECUNIA - 28249

SECUNIA - 27377

SECUNIA - 27102

SECUNIA - 26838

SECUNIA - 26822


Last Updated: 27 May 2016 10:45:56