Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4661

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-4661
Last Modified 05 Sep 2008 05:28:47
Published 04 Sep 2007 06:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4661

Summary

The chunk_split function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer overflow. NOTE: this is due to an incomplete fix for CVE-2007-2872.

Vulnerable Systems

Application

  • Php 5.2.3


References

CONFIRM - http://www.php.net/releases/5_2_4.php

SECUNIA - 26642

CONFIRM - http://www.php.net/ChangeLog-5.php#5.2.4

MISC - http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.58&r2=1.445.2.14.2.59

CONFIRM - https://launchpad.net/bugs/173043

CONFIRM - https://issues.rpath.com/browse/RPL-1702

UBUNTU - USN-549-1

UBUNTU - USN-549-2

GENTOO - GLSA-200710-02

SECUNIA - 28658

SECUNIA - 27864

SECUNIA - 27102

SECUNIA - 26838

SUSE - SUSE-SA:2008:004


Last Updated: 27 May 2016 10:45:56