|
|
CVE Reference: CVE-2007-3806 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3806 |
|
|
Description: The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter, probably related to memory corruption or an invalid read on win32 platforms, and possibly related to lack of initialization for a glob structure. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/35437 SAID Secunia Advisory: SA26642 Secunia Advisory: SA26085 Secunia Advisory: SA27102 Secunia Advisory: SA30288 Secunia Advisory: SA30158 MISC http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?view=log http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.166&r2=1.167 MILW0RM http://www.milw0rm.com/exploits/4181 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml DEBIAN http://www.debian.org/security/2008/dsa-1578 http://www.debian.org/security/2008/dsa-1572 CONFIRM http://www.php.net/ChangeLog-5.php#5.2.4 http://www.php.net/releases/5_2_4.php BID 25498 24922 |
|
| Return to the previous page. |
