CVE-2007-1285 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-1285
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-1285

Description: The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-549-2 http://www.ubuntulinux.org/support/documentation/usn/usn-549-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html ST 1017771 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136 SAID Secunia Advisory: SA24945 Secunia Advisory: SA24924 Secunia Advisory: SA24910 Secunia Advisory: SA24941 Secunia Advisory: SA24909 Secunia Advisory: SA25445 Secunia Advisory: SA26048 Secunia Advisory: SA26642 Secunia Advisory: SA27864 Secunia Advisory: SA28936 REDHAT http://rhn.redhat.com/errata/RHSA-2007-0155.html http://www.redhat.com/support/errata/RHSA-2007-0162.html http://rhn.redhat.com/errata/RHSA-2007-0163.html http://www.redhat.com/support/errata/RHSA-2007-0082.html http://rhn.redhat.com/errata/RHSA-2007-0154.html OSVDB 32769 MISC http://www.php-security.org/MOPB/MOPB-03-2007.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:089 http://www.mandriva.com/security/advisories?name=MDKSA-2007:090 http://www.mandriva.com/security/advisories?name=MDKSA-2007:087 http://www.mandriva.com/security/advisories?name=MDKSA-2007:088 GENTOO http://security.gentoo.org/glsa/glsa-200705-19.xml CONFIRM http://www.php.net/releases/4_4_8.php http://www.php.net/ChangeLog-4.php http://us2.php.net/releases/5_2_2.php http://www.php.net/ChangeLog-5.php#5.2.4 http://www.php.net/releases/5_2_4.php http://us2.php.net/releases/4_4_7.php BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/466166/100/0/threaded BID 22764

Return to the previous page.