CVE-2006-4812

Published: Oct 9, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote attackers to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend Engine ecalloc function (Zend/zend_alloc.c).

Vendor: n/a
Product: n/a
Versions: n/a (affected)

References

22300 (third-party-advisory, x_refsource_SECUNIA)
22650 (third-party-advisory, x_refsource_SECUNIA)
1016984 (vdb-entry, x_refsource_SECTRACK)
22281 (third-party-advisory, x_refsource_SECUNIA)
22338 (third-party-advisory, x_refsource_SECUNIA)
20349 (vdb-entry, x_refsource_BID)
OpenPKG-SA-2006.023 (vendor-advisory, x_refsource_OPENPKG)
GLSA-200610-14 (vendor-advisory, x_refsource_GENTOO)
2006-0055 (vendor-advisory, x_refsource_TRUSTIX)
RHSA-2006:0688 (vendor-advisory, x_refsource_REDHAT)
USN-362-1 (vendor-advisory, x_refsource_UBUNTU)
RHSA-2006:0708 (vendor-advisory, x_refsource_REDHAT)
22538 (third-party-advisory, x_refsource_SECUNIA)
1691 (third-party-advisory, x_refsource_SREASON)
22533 (third-party-advisory, x_refsource_SECUNIA)
SUSE-SA:2006:059 (vendor-advisory, x_refsource_SUSE)
22331 (third-party-advisory, x_refsource_SECUNIA)
ADV-2006-3922 (vdb-entry, x_refsource_VUPEN)
22280 (third-party-advisory, x_refsource_SECUNIA)
