PublicDate: 2007-03-24 00:19:00 UTC
Candidate: CVE-2007-1649
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1649
Description:
 PHP 5.2.1 allows context-dependent attackers to read portions of heap
 memory by executing certain scripts with a serialized data input string
 beginning with S:, which does not properly track the number of input bytes
 being processed.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
upstream_php5: released (5.2.2)
dapper_php5: not-affected
edgy_php5: not-affected
feisty_php5: released (5.2.1-0ubuntu1.4)
devel_php5: not-affected