CVE-2008-3659

2008-08-1400:00:00

ubuntu.com

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.034 Low

EPSS

Percentile

91.3%

JSON

Buffer overflow in the memnstr function in PHP 4.4.x before 4.4.9 and PHP
5.6 through 5.2.6 allows context-dependent attackers to cause a denial of
service (crash) and possibly execute arbitrary code via the delimiter
argument to the explode function. NOTE: the scope of this issue is limited
since most applications would not use an attacker-controlled delimiter, but
local attacks against safe_mode are feasible.

Bugs

<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499988>

Notes

Author	Note
jdstrand	per Debian, php5 -d memory_limit=256M -r \ ‘$res = explode(str_repeat(“A”,145999999),1);’ (From upstream’s ext/standard/tests/strings/explode_bug.phpt)

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchphp5< 5.1.2-1ubuntu3.13UNKNOWN
ubuntu7.10noarchphp5< 5.2.3-1ubuntu6.5UNKNOWN
ubuntu8.04noarchphp5< 5.2.4-2ubuntu5.5UNKNOWN
ubuntu8.10noarchphp5< 5.2.6-2ubuntu4.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.06	noarch	php5	< 5.1.2-1ubuntu3.13	UNKNOWN
ubuntu	7.10	noarch	php5	< 5.2.3-1ubuntu6.5	UNKNOWN
ubuntu	8.04	noarch	php5	< 5.2.4-2ubuntu5.5	UNKNOWN
ubuntu	8.10	noarch	php5	< 5.2.6-2ubuntu4.1	UNKNOWN