CVE Vulnerabilities

CVE-2007-2872

Published: Jun 04, 2007 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.

Affected Software

Name Vendor Start Version End Version
Php Php 5.1.5 5.1.5
Php Php 5.1.2 5.1.2
Php Php 5.1.1 5.1.1
Php Php 5.1.6 5.1.6
Php Php 5.2.2 5.2.2
Php Php 5.0.5 5.0.5
Php Php 5.0.1 5.0.1
Php Php 5.1.4 5.1.4
Php Php 5.0.4 5.0.4
Php Php * 4.4.7
Php Php 5.0.3 5.0.3
Php Php 5.1.0 5.1.0
Php Php 5.2.0 5.2.0
Php Php 5.1.3 5.1.3
Php Php 5.0.2 5.0.2
Php Php 5.2.1 5.2.1
Php Php 5.0.0 5.0.0

References