3 matches found
CVE-2007-1889
Integer signedness error in the zendmmallocint function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msgreceive wi...
openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-3289)
This Update fixes numerous vulnerabilities in PHP. Most of them were made public during the 'Month of PHP Bugs'. The vulnerabilities potentially lead to crashes, information leaks or even execution of malicious code. CVE-2007-1380, CVE-2007-0988, CVE-2007-1375, CVE-2007-1454 CVE-2007-1453,...
CVE-2007-1889
CVE-2007-1889 is a PHP 5.2.0 vulnerability where an Integer signedness error in the Zend Memory Manager’s _zend_mm_alloc_int can allow remote code execution via large emalloc requests. The issue stems from an incorrect signed long cast, demonstrated via the HTTP SOAP client and a msg_receive call...