CVE-2007-0908 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-0908
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-0908

Description: The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name before a numerical variable.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/32493 UBUNTU http://www.ubuntu.com/usn/usn-424-2 http://www.ubuntu.com/usn/usn-424-1 TRUSTIX http://www.trustix.org/errata/2007/0009/ SUSE http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html ST 1017671 SREASON http://securityreason.com/securityalert/2321 SGI SAID Secunia Advisory: SA24419 Secunia Advisory: SA24284 Secunia Advisory: SA24642 Secunia Advisory: SA24606 Secunia Advisory: SA24514 Secunia Advisory: SA24421 Secunia Advisory: SA24432 Secunia Advisory: SA24322 Secunia Advisory: SA24295 Secunia Advisory: SA24089 Secunia Advisory: SA24195 Secunia Advisory: SA24217 Secunia Advisory: SA24248 Secunia Advisory: SA24236 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0081.html http://www.redhat.com/support/errata/RHSA-2007-0082.html http://rhn.redhat.com/errata/RHSA-2007-0089.html http://www.redhat.com/support/errata/RHSA-2007-0076.html http://www.redhat.com/support/errata/RHSA-2007-0088.html OPENPKG http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html MISC http://www.php-security.org/MOPB/MOPB-11-2007.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:048 GENTOO http://security.gentoo.org/glsa/glsa-200703-21.xml DEBIAN http://www.us.debian.org/security/2007/dsa-1264 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm http://www.php.net/releases/5_2_1.php http://www.php.net/ChangeLog-5.php#5.2.1 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/461462/100/0/threaded BID 22496 22806

Return to the previous page.