CVE-2007-1375

Published: Mar 10, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Integer overflow in the substr_compare function in PHP 5.2.1 and earlier allows context-dependent attackers to read sensitive memory via a large value in the length argument, a different vulnerability than CVE-2006-1991.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

32780

vdb-entry

x_refsource_OSVDB

25056

third-party-advisory

x_refsource_SECUNIA

DSA-1283

vendor-advisory

x_refsource_DEBIAN

24606

third-party-advisory

x_refsource_SECUNIA

3424

exploit

x_refsource_EXPLOIT-DB

22851

vdb-entry

x_refsource_BID

GLSA-200703-21

vendor-advisory

x_refsource_GENTOO

25062

third-party-advisory

x_refsource_SECUNIA

USN-455-1

vendor-advisory

x_refsource_UBUNTU

http://www.php-security.org/MOPB/MOPB-14-2007.html

x_refsource_MISC

http://us2.php.net/releases/5_2_2.php

x_refsource_CONFIRM

MDKSA-2007:187

vendor-advisory

x_refsource_MANDRIVA

26895

third-party-advisory

x_refsource_SECUNIA

25057

third-party-advisory

x_refsource_SECUNIA

SUSE-SA:2007:032

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-1375

Description

Affected Products

References