CVE-2007-2872

Published: 04 June 2007

Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.

Priority

Low

Status

Package Release Status
php5
Launchpad, Ubuntu, Debian
Upstream
Released (5.2.4)