Your submission was sent successfully! Close

CVE-2008-1384

Published: 27 March 2008

Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions).

Priority

Negligible

Status

Package Release Status
php5
Launchpad, Ubuntu, Debian
dapper
Released (5.1.2-1ubuntu3.12)
edgy Needed

feisty
Released (5.2.1-0ubuntu1.6)
gutsy
Released (5.2.3-1ubuntu6.4)
hardy
Released (5.2.4-2ubuntu5.3)
upstream
Released (5.2.6)