CVE-2007-1886 - Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent att

CVE-2007-1886

Summary

Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."

References

Vulnerable Configurations

cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 29-07-2017 - 01:31)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

hp	HPSBMA02215 HPSBTU02232 SSRT071423 SSRT071429
misc	http://www.php-security.org/MOPB/MOPB-39-2007.html
secunia	25423 25850
vupen	ADV-2007-1991 ADV-2007-2374
xf	php-strreplace-single-unspecified(33768)

statements via4

contributor	Joshua Bressers
lastmodified	2007-11-30
organization	Red Hat
statement	We do not consider this flaw to be a security issue as it is only exploitable by the script author. No trust boundary is crossed. For more information please see: https://bugzilla.redhat.com/show_bug.cgi?id=mopb#c37

Last major update

29-07-2017 - 01:31

Published

06-04-2007 - 01:19

Last modified

29-07-2017 - 01:31