Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Php | Php | * | 4.4.4 (including) |
| Red Hat Enterprise Linux 2.1 | RedHat | php-0:4.1.2-2.17 | * |
| Red Hat Enterprise Linux 3 | RedHat | php-0:4.3.2-40.ent | * |
| Red Hat Enterprise Linux 4 | RedHat | php-0:4.3.9-3.22.4 | * |
| Stronghold 4.0 for RHEL 2.1AS | RedHat | stronghold-php-0:4.1.2-15 | * |
| Php4 | Ubuntu | dapper | * |
| Php4 | Ubuntu | edgy | * |