Back to search
CVE-2007-4887
Published: Sep 14, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerability.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.php.net/ChangeLog-5.php#5.2.5
x_refsource_CONFIRM
3133
third-party-advisory
x_refsource_SREASON
https://issues.rpath.com/browse/RPL-1943
x_refsource_CONFIRM
28750
third-party-advisory
x_refsource_SECUNIA
GLSA-200710-02
vendor-advisory
x_refsource_GENTOO
ADV-2008-0924
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:5767
vdb-entry
signature
x_refsource_OVAL
30040
third-party-advisory
x_refsource_SECUNIA
20070910 /* PHP <=5.2.4 open_basedir bypass & code exec & denial of service errata ... working on windows too .. */
mailing-list
x_refsource_BUGTRAQ
ADV-2008-0398
vdb-entry
x_refsource_VUPEN
http://www.php.net/releases/5_2_5.php
x_refsource_CONFIRM
27659
third-party-advisory
x_refsource_SECUNIA
29420
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2008-03-18
vendor-advisory
x_refsource_APPLE
SSRT080056
vendor-advisory
x_refsource_HP
20070910 PHP <=5.2.4 open_basedir bypass & code exec & denial of service
mailing-list
x_refsource_BUGTRAQ
HPSBUX02332
vendor-advisory
x_refsource_HP
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242
x_refsource_CONFIRM
http://docs.info.apple.com/article.html?artnum=307562
x_refsource_CONFIRM
27102
third-party-advisory
x_refsource_SECUNIA
SSRT080010
vendor-advisory
x_refsource_HP
26403
vdb-entry
x_refsource_BID
HPSBUX02308
vendor-advisory
x_refsource_HP
ADV-2007-3825
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now