Back to search
CVE-2007-1883
Published: Apr 6, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain convert_to_* functions with its input parameters.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
24542
third-party-advisory
x_refsource_SECUNIA
GLSA-200710-02
vendor-advisory
x_refsource_GENTOO
http://www.php-security.org/MOPB/MOPB-37-2007.html
x_refsource_MISC
php-userspace-information-disclosure(33750)
vdb-entry
x_refsource_XF
27102
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now