PublicDate: 2007-09-10 21:17:00 UTC
Candidate: CVE-2007-4784
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4784
Description:
 The setlocale function in PHP before 5.2.4 allows context-dependent
 attackers to cause a denial of service (application crash) via a long
 string in the locale parameter.  NOTE: this might not be a vulnerability in
 most web server environments that support multiple threads, unless this
 issue can be demonstrated for code execution.
Ubuntu-Description: 
Notes: 
 kees> local script instance crasher is not a security issue.
Bugs: 
Priority: negligible
Discovered-by:
Assigned-to: 
CVSS: 
upstream_php5: released (5.2.4)
dapper_php5: needed
edgy_php5: needed
feisty_php5: needed
gutsy_php5: needed
hardy_php5: not-affected (5.2.4-2ubuntu3)
devel_php5: not-affected (5.2.4-2ubuntu3)