PHP unserialize() integer overflow
Published: 02.03.2007
Source: PHP-SECURITY
SecurityVulns ID: 7333
Type: remote
Level: 9/10
Description: A 16-bit counter overflow allows code execution when a cookie is parsed.
Affected: PHP : PHP 4.4
CVE: CVE-2007-1383 (Integer overflow in the 16 bit variable reference counter in PHP 4 allows context-dependent attackers to execute arbitrary code by overflowing this counter, which causes the same variable to be destroyed twice, a related issue to CVE-2007-1286.)
 CVE-2007-1286 (Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.)
Original document: PHP-SECURITY, MOPB-04-2007: PHP 4 unserialize() ZVAL Reference Counter Overflow (02.03.2007)
 PHP-SECURITY, MOPB-01-2007: PHP 4 Userland ZVAL Reference Counter Overflow Vulnerability (02.03.2007)
Files: Exploits PHP 4 - unserialize() Reference Counter Overflow
 Exploits PHP 4 - ZVAL Reference Counter Overflow
© SecurityVulns, 3APA3A, Vladimir Dubrovin