|
|
CVE Reference: CVE-2007-1581 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-1581 |
|
|
Description: The resource system in PHP 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting the hash_update_file function via a userspace (1) error or (2) stream handler, which can then be used to destroy and modify internal resources. NOTE: it was later reported that PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 are also affected. |
|
|
CVE Status: Candidate |
|
|
References: SAID Secunia Advisory: SA24542 MISC http://www.php-security.org/MOPB/MOPB-28-2007.html http://php-security.org/2010/05/01/mops-2010-001-php-hash_update_file-already-freed-resource-access-vulnerability/index.html MILW0RM http://www.milw0rm.com/exploits/3529 BID 23062 |
|
| Return to the previous page. |
