CVE-2008-1384 (retired)

Priority
Description
Integer overflow in PHP 5.2.5 and earlier allows context-dependent
attackers to cause a denial of service and possibly have unspecified other
impact via a printf format parameter with a large width specifier, related
to the php_sprintf_appendstring function in formatted_print.c and probably
other functions for formatted strings (aka *printf functions).
Notes
 jdstrand> per Debian, needs a malicious script
Package
Source: php5 (LP Ubuntu Debian)
Upstream:released (5.2.6)
Patches:
Vendor:http://www.debian.org/security/2008/dsa-1572
More Information

Updated: 2019-03-26 11:43:29 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)