CVE-2007-1777

Priority
Description
Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5
allows remote attackers to execute arbitrary code via a ZIP archive that
contains an entry with a length value of 0xffffffff, which is incremented
before use in an emalloc call, triggering a heap overflow.
Notes
Package
Source: php4 (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2020-03-18 21:56:30 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)