CVE-2007-4887 - CVE Reference - Advisories

CVE Reference: CVE-2007-4887

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-4887

Description: The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerability.

CVE Status: Candidate

References: SREASON http://securityreason.com/securityalert/3133 SAID Secunia Advisory: SA27102 Secunia Advisory: SA27659 Secunia Advisory: SA28750 Secunia Advisory: SA29420 HP http://www.securityfocus.com/archive/1/archive/1/491693/100/0/threaded http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml CONFIRM http://docs.info.apple.com/article.html?artnum=307562 http://www.php.net/releases/5_2_5.php http://www.php.net/ChangeLog-5.php#5.2.5 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/478985/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/478988/100/0/threaded BID 26403 APPLE http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Yahoo! Assistant yNotifier.dll ActiveX Control Code Execution

2.	OpenKM Document Export Security Issue

3.	vShare YouTube Clone "tid" SQL Injection Vulnerability

4.	Zarafa Script Insertion Vulnerabilities

5.	Cyberfolio "rep" File Inclusion Vulnerability

6.	Maian Recipe Cross-Site Scripting Vulnerabilities

7.	Maian Guestbook footer.php Cross-Site Scripting Vulnerabilities

8.	Ubuntu update for vorbis-tools

9.	SazCart Multiple File Inclusion Vulnerabilities

10.	TFTP Server SP Long Error Message Buffer Overflow