CVE-2007-4657

Description
Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4,
allow remote attackers to obtain sensitive information (memory contents) or
cause a denial of service (thread crash) via a large len value to the (1)
strspn or (2) strcspn function, which triggers an out-of-bounds read.
NOTE: this affects different product versions than CVE-2007-3996.
Notes
 kees> http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/string.c?r1=1.640&r2=1.641, prior to line 7667
 kees> 201-strspn-oob-read.patch
Package
Source: php4 (LP Ubuntu Debian)
Upstream: released (4.4.8)
Patches:
Upstream: http://cvs.php.net/viewcvs.cgi/php-src/ext/standard/string.c?r1=1.640&r2=1.641, prior to line 7667
Other: 201-strspn-oob-read.patch
Package
Source: php5 (LP Ubuntu Debian)
Upstream: released (5.2.4)
Updated: 2019-03-19 11:43:34 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)