Computer Security
[EN] securityvulns.ru no-pyccku


PHP memory manager integer overflow
Published:08.04.2007
Source:
SecurityVulns ID:7551
Type:library
Threat Level:
5/10
Description:Integer overflow on large memory allocation.
Affected:PHP : PHP 5.2
CVE:CVE-2007-1889 (Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msg_receive with the largest positive integer value of maxsize.)
Original documentdocumentPHP-SECURITY, MOPB-44-2007:PHP 5.2.0 Memory Manager Signed Comparision Vulnerability (08.04.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod