Back to search
CVE-2007-3998
Published: Sep 4, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated by a 'chr(0), 0, ""' argument set.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
30288
third-party-advisory
x_refsource_SECUNIA
26822
third-party-advisory
x_refsource_SECUNIA
https://launchpad.net/bugs/173043
x_refsource_CONFIRM
oval:org.mitre.oval:def:10603
vdb-entry
signature
x_refsource_OVAL
SUSE-SA:2008:004
vendor-advisory
x_refsource_SUSE
28658
third-party-advisory
x_refsource_SECUNIA
FEDORA-2007-709
vendor-advisory
x_refsource_FEDORA
26967
third-party-advisory
x_refsource_SECUNIA
DSA-1444
vendor-advisory
x_refsource_DEBIAN
GLSA-200710-02
vendor-advisory
x_refsource_GENTOO
27864
third-party-advisory
x_refsource_SECUNIA
http://www.php.net/ChangeLog-5.php#5.2.4
x_refsource_CONFIRM
26930
third-party-advisory
x_refsource_SECUNIA
2007-0026
vendor-advisory
x_refsource_TRUSTIX
RHSA-2007:0889
vendor-advisory
x_refsource_REDHAT
USN-549-1
vendor-advisory
x_refsource_UBUNTU
https://issues.rpath.com/browse/RPL-1693
x_refsource_CONFIRM
28249
third-party-advisory
x_refsource_SECUNIA
DSA-1578
vendor-advisory
x_refsource_DEBIAN
https://issues.rpath.com/browse/RPL-1702
x_refsource_CONFIRM
27545
third-party-advisory
x_refsource_SECUNIA
http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm
x_refsource_CONFIRM
26838
third-party-advisory
x_refsource_SECUNIA
http://secweb.se/en/advisories/php-wordwrap-vulnerability/
x_refsource_MISC
27377
third-party-advisory
x_refsource_SECUNIA
MDKSA-2007:187
vendor-advisory
x_refsource_MANDRIVA
27102
third-party-advisory
x_refsource_SECUNIA
ADV-2007-3023
vdb-entry
x_refsource_VUPEN
http://www.php.net/releases/5_2_4.php
x_refsource_CONFIRM
26895
third-party-advisory
x_refsource_SECUNIA
USN-549-2
vendor-advisory
x_refsource_UBUNTU
RHSA-2007:0890
vendor-advisory
x_refsource_REDHAT
RHSA-2007:0891
vendor-advisory
x_refsource_REDHAT
26871
third-party-advisory
x_refsource_SECUNIA
26642
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now