Showing 1 - 7 of 7

CVE-2007-1285

Status Candidate

Overview

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.

Related Files

Ubuntu Security Notice 549-2: Posted Dec 4, 2007; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 549-2 - USN-549-1 fixed vulnerabilities in PHP. However, some upstream changes were incomplete, which caused crashes in certain situations with Ubuntu 7.10.; tags | advisory, php, vulnerability; systems | linux, ubuntu; advisories | CVE-2007-1285, CVE-2007-2872, CVE-2007-3799, CVE-2007-3998, CVE-2007-4657, CVE-2007-4658, CVE-2007-4660, CVE-2007-4661, CVE-2007-4662, CVE-2007-4670, CVE-2007-5898, CVE-2007-5899; SHA-256 | 9a0a4a1d82e27e9d74bb5eb17c3168dc8ab295a00a313b9b1b95a786a5cb345f; Download | Favorite | View

Ubuntu Security Notice 549-1: Posted Nov 30, 2007; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 549-1 - Various integer overflows, arbitrary code execution, and denial of service vulnerabilities have been fixed in PHP 5.; tags | advisory, denial of service, overflow, arbitrary, php, vulnerability, code execution; systems | linux, ubuntu; advisories | CVE-2007-1285, CVE-2007-2872, CVE-2007-3799, CVE-2007-3998, CVE-2007-4657, CVE-2007-4658, CVE-2007-4660, CVE-2007-4661, CVE-2007-4662, CVE-2007-4670, CVE-2007-5898, CVE-2007-5899; SHA-256 | 82dae6b629e189b7e2d3dfbad033c409a70c0f0886d117b786a64d4164df2e82; Download | Favorite | View

Gentoo Linux Security Advisory 200705-19: Posted May 31, 2007; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200705-19 - Several vulnerabilities were found in PHP, most of them during the Month Of PHP Bugs (MOPB) by Stefan Esser. The most severe of these vulnerabilities are integer overflows in wbmp.c from the GD library and in the substr_compare() PHP 5 function. Ilia Alshanetsky also reported a buffer overflow in the make_http_soap_request() and in the user_filter_factory_create() functions, and Stanislav Malyshev discovered another buffer overflow in the bundled XMLRPC library. Additionally, the session_regenerate_id() and the array_user_key_compare() functions contain a double-free vulnerability. Finally, there exist implementation errors in the Zend engine, in the mb_parse_str(), the unserialize() and the mail() functions and other elements. Versions less than 5.2.2 are affected.; tags | advisory, overflow, php, vulnerability; systems | linux, gentoo; advisories | CVE-2007-1001, CVE-2007-1285, CVE-2007-1286, CVE-2007-1484, CVE-2007-1521, CVE-2007-1583, CVE-2007-1700, CVE-2007-1701, CVE-2007-1711, CVE-2007-1717, CVE-2007-1718, CVE-2007-1864, CVE-2007-1900, CVE-2007-2509, CVE-2007-2510, CVE-2007-2511; SHA-256 | 85b7223b6bfd70f54588716713c6a4f7ef1cdaf921d40a164c836fe16bbb3b6f; Download | Favorite | View

Mandriva Linux Security Advisory 2007.090: Posted Apr 20, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - A slew of PHP vulnerabilities have been patched for 2007.0.; tags | advisory, php, vulnerability; systems | linux, mandriva; advisories | CVE-2007-1001, CVE-2007-1285, CVE-2007-1454, CVE-2007-1718, CVE-2007-1583; SHA-256 | 170fdf6f224bc714d6fc44d1ff2d7dccc2c0c3039c8c74302c1eb7ea38ee5a2a; Download | Favorite | View

Mandriva Linux Security Advisory 2007.089: Posted Apr 20, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - A slew of PHP vulnerabilities have been patched for 2007.0, Corporate 4.0.; tags | advisory, php, vulnerability; systems | linux, mandriva; advisories | CVE-2007-1001, CVE-2007-1285, CVE-2007-1718, CVE-2007-1583; SHA-256 | 794e22e3f5b0e6b63559a1daa2d1286af468ba2df6fc2bb1dfaed9e9b64a2822; Download | Favorite | View

Mandriva Linux Security Advisory 2007.088: Posted Apr 20, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - A slew of PHP vulnerabilities have been patched for Corporate 4.0.; tags | advisory, php, vulnerability; systems | linux, mandriva; advisories | CVE-2007-1001, CVE-2007-1285, CVE-2007-1286, CVE-2007-1711, CVE-2007-1718, CVE-2007-1583; SHA-256 | d4bca33f7631979dcc46c1dc4e70d4e380393821c54fca3f8163e1d813b7d91a; Download | Favorite | View

Mandriva Linux Security Advisory 2007.087: Posted Apr 20, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - A slew of PHP vulnerabilities have been patched for Corporate 3.0, Multi Network Firewall 2.0.; tags | advisory, php, vulnerability; systems | linux, mandriva; advisories | CVE-2007-1001, CVE-2007-1285, CVE-2007-1286, CVE-2007-1711, CVE-2007-1718; SHA-256 | 5d65c7a60487b2fbfb19308d269db352223b3ce877dad01b58b8eb667addb473; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CVE-2007-1285

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems