CVE-2007-1884

Published: Apr 6, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64-bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function because of 64-bit to 32-bit truncation, and bypass a check for the maximum allowable value; and (2) a width and precision of -1, which make it possible for the php_sprintf_appendstring function to place an internal buffer at an arbitrary memory location.

Vendor: n/a

Product: n/a

Versions: n/a (affected)

References

php-printf-format-string(33755) (vdb-entry, x_refsource_XF)
ADV-2007-1991 (vdb-entry, x_refsource_VUPEN)
SSRT071423 (vendor-advisory, x_refsource_HP)
HPSBTU02232 (vendor-advisory, x_refsource_HP)
33955 (vdb-entry, x_refsource_OSVDB)
23219 (vdb-entry, x_refsource_BID)
34767 (vdb-entry, x_refsource_OSVDB)
SSRT071429 (vendor-advisory, x_refsource_HP)
ADV-2007-2374 (vdb-entry, x_refsource_VUPEN)
25423 (third-party-advisory, x_refsource_SECUNIA)
HPSBMA02215 (vendor-advisory, x_refsource_HP)
25850 (third-party-advisory, x_refsource_SECUNIA)
