PublicDate: 2007-09-12 20:17:00 UTC
Candidate: CVE-2007-4840
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4840
Description:
 PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial
 of service (application crash) via (1) a long string in the out_charset
 parameter to the iconv function; or a long string in the charset parameter
 to the (2) iconv_mime_decode_headers, (3) iconv_mime_decode, or (4)
 iconv_strlen function.  NOTE: this might not be a vulnerability in most web
 server environments that support multiple threads, unless these issues can
 be demonstrated for code execution.
Ubuntu-Description: 
Notes: 
 kees> local php instance crasher only, not a serious security issue
Bugs: 
Priority: negligible
Discovered-by:
Assigned-to: 
CVSS: 
dapper_php5: needed
edgy_php5: needed
feisty_php5: needed
gutsy_php5: needed
hardy_php5: needed
devel_php5: needed
upstream_php5: needs-triage