Lucene search

PRIOn knowledge basePRION:CVE-2007-1884

HistoryApr 06, 2007 - 1:19 a.m.

Integer overflow

2007-04-0601:19:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.8%

JSON

Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function because of 64 to 32 bit truncation, and bypass a check for the maximum allowable value; and (2) a width and precision of -1, which make it possible for the php_sprintf_appendstring function to place an internal buffer at an arbitrary memory location.

CPENameOperatorVersion
phpeq4.3.9
phpeq4.0 beta1
phpeq4.0 beta4
phpeq4.2.0
phpeq4.4.4
phpeq4.1.0
phpeq4.3.4
phpeq4.0.4
phpeq4.3.0
phpeq4.0.5

Name	Operator	Version
php	eq	4.3.9
php	eq	4.0 beta1
php	eq	4.0 beta4
php	eq	4.2.0
php	eq	4.4.4
php	eq	4.1.0
php	eq	4.3.4
php	eq	4.0.4
php	eq	4.3.0
php	eq	4.0.5

Rows per page:

1-10 of 721

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137

secunia.com/advisories/25423

secunia.com/advisories/25850

www.osvdb.org/33955

www.osvdb.org/34767

www.php-security.org/MOPB/MOPB-38-2007.html

www.php.net/releases/5_2_1.php

www.securityfocus.com/bid/23219

www.vupen.com/english/advisories/2007/1991

www.vupen.com/english/advisories/2007/2374

exchange.xforce.ibmcloud.com/vulnerabilities/33755