Showing 1 - 7 of 7

CVE-2007-1285

Status Candidate

Overview

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.

Related Files

Ubuntu Security Notice 549-2: Posted Dec 4, 2007; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 549-2 - USN-549-1 fixed vulnerabilities in PHP. However, some upstream changes were incomplete, which caused crashes in certain situations with Ubuntu 7.10.; tags | advisory, php, vulnerability; systems | linux, ubuntu; advisories | CVE-2007-1285, CVE-2007-2872, CVE-2007-3799, CVE-2007-3998, CVE-2007-4657, CVE-2007-4658, CVE-2007-4660, CVE-2007-4661, CVE-2007-4662, CVE-2007-4670, CVE-2007-5898, CVE-2007-5899; SHA-256 | 9a0a4a1d82e27e9d74bb5eb17c3168dc8ab295a00a313b9b1b95a786a5cb345f; Download | Favorite | View

Ubuntu Security Notice 549-1: Posted Nov 30, 2007; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 549-1 - Various integer overflows, arbitrary code execution, and denial of service vulnerabilities have been fixed in PHP 5.; tags | advisory, denial of service, overflow, arbitrary, php, vulnerability, code execution; systems | linux, ubuntu; advisories | CVE-2007-1285, CVE-2007-2872, CVE-2007-3799, CVE-2007-3998, CVE-2007-4657, CVE-2007-4658, CVE-2007-4660, CVE-2007-4661, CVE-2007-4662, CVE-2007-4670, CVE-2007-5898, CVE-2007-5899; SHA-256 | 82dae6b629e189b7e2d3dfbad033c409a70c0f0886d117b786a64d4164df2e82; Download | Favorite | View

Gentoo Linux Security Advisory 200705-19: Posted May 31, 2007; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200705-19 - Several vulnerabilities were found in PHP, most of them during the Month Of PHP Bugs (MOPB) by Stefan Esser. The most severe of these vulnerabilities are integer overflows in wbmp.c from the GD library and in the substr_compare() PHP 5 function. Ilia Alshanetsky also reported a buffer overflow in the make_http_soap_request() and in the user_filter_factory_create() functions, and Stanislav Malyshev discovered another buffer overflow in the bundled XMLRPC library. Additionally, the session_regenerate_id() and the array_user_key_compare() functions contain a double-free vulnerability. Finally, there exist implementation errors in the Zend engine, in the mb_parse_str(), the unserialize() and the mail() functions and other elements. Versions less than 5.2.2 are affected.; tags | advisory, overflow, php, vulnerability; systems | linux, gentoo; advisories | CVE-2007-1001, CVE-2007-1285, CVE-2007-1286, CVE-2007-1484, CVE-2007-1521, CVE-2007-1583, CVE-2007-1700, CVE-2007-1701, CVE-2007-1711, CVE-2007-1717, CVE-2007-1718, CVE-2007-1864, CVE-2007-1900, CVE-2007-2509, CVE-2007-2510, CVE-2007-2511; SHA-256 | 85b7223b6bfd70f54588716713c6a4f7ef1cdaf921d40a164c836fe16bbb3b6f; Download | Favorite | View

Mandriva Linux Security Advisory 2007.090: Posted Apr 20, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - A slew of PHP vulnerabilities have been patched for 2007.0.; tags | advisory, php, vulnerability; systems | linux, mandriva; advisories | CVE-2007-1001, CVE-2007-1285, CVE-2007-1454, CVE-2007-1718, CVE-2007-1583; SHA-256 | 170fdf6f224bc714d6fc44d1ff2d7dccc2c0c3039c8c74302c1eb7ea38ee5a2a; Download | Favorite | View

Mandriva Linux Security Advisory 2007.089: Posted Apr 20, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - A slew of PHP vulnerabilities have been patched for 2007.0, Corporate 4.0.; tags | advisory, php, vulnerability; systems | linux, mandriva; advisories | CVE-2007-1001, CVE-2007-1285, CVE-2007-1718, CVE-2007-1583; SHA-256 | 794e22e3f5b0e6b63559a1daa2d1286af468ba2df6fc2bb1dfaed9e9b64a2822; Download | Favorite | View

Mandriva Linux Security Advisory 2007.088: Posted Apr 20, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - A slew of PHP vulnerabilities have been patched for Corporate 4.0.; tags | advisory, php, vulnerability; systems | linux, mandriva; advisories | CVE-2007-1001, CVE-2007-1285, CVE-2007-1286, CVE-2007-1711, CVE-2007-1718, CVE-2007-1583; SHA-256 | d4bca33f7631979dcc46c1dc4e70d4e380393821c54fca3f8163e1d813b7d91a; Download | Favorite | View

Mandriva Linux Security Advisory 2007.087: Posted Apr 20, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - A slew of PHP vulnerabilities have been patched for Corporate 3.0, Multi Network Firewall 2.0.; tags | advisory, php, vulnerability; systems | linux, mandriva; advisories | CVE-2007-1001, CVE-2007-1285, CVE-2007-1286, CVE-2007-1711, CVE-2007-1718; SHA-256 | 5d65c7a60487b2fbfb19308d269db352223b3ce877dad01b58b8eb667addb473; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 237 files
indoushka 172 files
Jay Turla 150 files
Ubuntu 78 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,124)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,237)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,845)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,852)
UNIX (9,456)
UnixWare (188)
Windows (6,772)
Other

CVE-2007-1285

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems