PublicDate: 2007-09-10 21:17:00 UTC
Candidate: CVE-2007-4783
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4783
Description:
 The iconv_substr function in PHP 5.2.4 and earlier allows context-dependent
 attackers to cause (1) a denial of service (application crash) via a long
 string in the charset parameter, probably also requiring a long string in
 the str parameter; or (2) a denial of service (temporary application hang)
 via a long string in the str parameter.  NOTE: this might not be a
 vulnerability in most web server environments that support multiple
 threads, unless these issues can be demonstrated for code execution.
Ubuntu-Description: 
Notes: 
 kees> local php instance crasher only, not a serious security issue
Bugs: 
Priority: negligible
Discovered-by:
Assigned-to: 
CVSS: 
dapper_php5: needed
edgy_php5: needed
feisty_php5: needed
gutsy_php5: needed
hardy_php5: needed
devel_php5: needed
upstream_php5: needs-triage