CVE-2008-7068

Priority
Description
The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent
attackers to cause a denial of service (file truncation) via a key with the
NULL byte. NOTE: this might only be a vulnerability in limited
circumstances in which the attacker can modify or add database entries but
does not have permissions to truncate the file.
Package
Source: php4 (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2019-03-19 11:48:34 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)