CVE-2007-1285

Priority
Description
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows
remote attackers to cause a denial of service (stack exhaustion and PHP
crash) via deeply nested arrays, which trigger deep recursion in the
variable destruction routines.
Notes
 kees> crash only, no code execution. input needs to be validated by application.
Package
Source: php5 (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2019-03-19 11:41:37 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)