CVE-2007-2872 - Secunia

Blog

Careers

Secunia SmallBusiness

Products

Solutions

Customers

Partner

Resources

Company

Careers

Community

CVE Reference: CVE-2007-2872
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2872

Description: Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/39398 UBUNTU http://www.ubuntu.com/usn/usn-549-2 http://www.ubuntulinux.org/support/documentation/usn/usn-549-1 TRUSTIX http://www.trustix.org/errata/2007/0023/ SUSE http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html ST 1018186 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863 SAID Secunia Advisory: SA25535 Secunia Advisory: SA25456 Secunia Advisory: SA26048 Secunia Advisory: SA26231 Secunia Advisory: SA26838 Secunia Advisory: SA26930 Secunia Advisory: SA26871 Secunia Advisory: SA26895 Secunia Advisory: SA26967 Secunia Advisory: SA27037 Secunia Advisory: SA27110 Secunia Advisory: SA27351 Secunia Advisory: SA27377 Secunia Advisory: SA27545 Secunia Advisory: SA27102 Secunia Advisory: SA27864 Secunia Advisory: SA28318 Secunia Advisory: SA28658 Secunia Advisory: SA28750 Secunia Advisory: SA28936 Secunia Advisory: SA30040 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0891.html http://www.redhat.com/support/errata/RHSA-2007-0888.html http://rhn.redhat.com/errata/RHSA-2007-0889.html http://www.redhat.com/support/errata/RHSA-2007-0890.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9424 OSVDB 36083 OPENPKG http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html MISC http://www.sec-consult.com/291.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:187 HP http://www.securityfocus.com/archive/1/archive/1/491693/100/0/threaded http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml FEDORA CONFIRM http://www.php.net/releases/4_4_8.php http://www.php.net/ChangeLog-4.php http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm http://www.php.net/releases/5_2_3.php BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/470244/100/0/threaded BID 24261

Return to the previous page.

Products

Solutions

Customers

Partner

Resources

Company

Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)

Industry
Compliance
Technology
Integration

Customers
Testimonials

VARS
MSSP
Technology Partners
References

Factsheets
Reports
Webinars
Events

About us
Careers
Memberships
Newsroom

© 2002-2013 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability