CVE-2007-1777

2007-03-30T01:19:00
ID CVE-2007-1777
Type cve
Reporter cve@mitre.org
Modified 2018-10-30T16:25:00

Description

Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 allows remote attackers to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overflow.