php -- integer overflow vulnerability

2008-03-21T00:00:00
ID F6377F08-12A7-11DD-BAB7-0016179B2DD5
Type freebsd
Reporter FreeBSD
Modified 2008-05-02T00:00:00

Description

CVE reports:

Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions).