CVE-2006-4812

Priority
Untriaged
Description
Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote
attackers to execute arbitrary code via an argument to the unserialize PHP
function with a large value for the number of array elements, which
triggers the overflow in the Zend Engine ecalloc function
(Zend/zend_alloc.c).
References
Package
Source: php4 (LP Ubuntu Debian)
Upstream:needs-triage
Package
Source: php5 (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:17:23 UTC (commit 5347)