CVE-2008-1384
Published: Mar 27, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions).
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
| Reference | Type | Source tag |
|---|---|---|
| 20080321 {securityreason.com}PHP 5 *printf() - Integer Overflow | mailing-list | x_refsource_BUGTRAQ |
| 32746 | third-party-advisory | x_refsource_SECUNIA |
| GLSA-200811-05 | vendor-advisory | x_refsource_GENTOO |
| DSA-1572 | vendor-advisory | x_refsource_DEBIAN |
| 30345 | third-party-advisory | x_refsource_SECUNIA |
| USN-628-1 | vendor-advisory | x_refsource_UBUNTU |
| 30967 | third-party-advisory | x_refsource_SECUNIA |
| http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176 | | x_refsource_CONFIRM |
| php-phpsprintfappendstring-overflow(41386) | vdb-entry | x_refsource_XF |
| 20080527 rPSA-2008-0178-1 php php-mysql php-pgsql | mailing-list | x_refsource_BUGTRAQ |
| 30411 | third-party-advisory | x_refsource_SECUNIA |
| 30158 | third-party-advisory | x_refsource_SECUNIA |
| MDVSA-2009:023 | vendor-advisory | x_refsource_MANDRIVA |
| MDVSA-2009:022 | vendor-advisory | x_refsource_MANDRIVA |
| 28392 | vdb-entry | x_refsource_BID |
| 31200 | third-party-advisory | x_refsource_SECUNIA |
| SUSE-SR:2008:014 | vendor-advisory | x_refsource_SUSE |
| http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178 | | x_refsource_CONFIRM |
| https://issues.rpath.com/browse/RPL-2503 | | x_refsource_CONFIRM |
| 20080320 PHP 5.2.5 and prior : *printf() functions Integer Overflow | third-party-advisory | x_refsource_SREASONRES |