CVE-2007-0988
Published Feb 20, 2007
Last updated 5 years ago
Overview
- Description
- The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an "a:2147483649:{" argument.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-119
Evaluator
- Comment
- Availability also affected by time out alarm for the script, which helps prevent infinite loops.
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCAA3859-EAB8-4F6E-84FE-4DBBF9B1A251",
"versionEndExcluding": "4.4.5",
"versionStartIncluding": "4.0.0"
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E8CF9623-B049-425F-ADC0-3E7E94E2F7A3",
"versionEndExcluding": "5.2.1",
"versionStartIncluding": "5.0.0"
},
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C"
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B"
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943"
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502"
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42"
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80"
},
{
"criteria": "cpe:2.3:a:php:php:4.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8212495A-0F2A-4787-93F2-F6618F9A777B"
},
{
"criteria": "cpe:2.3:a:php:php:4.0:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6F0F8FC-C57A-4AEA-A59F-41140347318A"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0FA3A32E-445A-4D39-A8D5-75F5370AD23D"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704"
}
],
"operator": "OR"
}
]
}
]