CVE-2007-1885

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 4.4.5 PHP versions prior to 5.2.1

Description: The issue is related to an integer overflow in the str replace function, allowing context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string. This overflow occurs due to the excessive length of the replacement string, which overflows a 32-bit length counter.

Recommendations: For PHP versions prior to 4.4.5, update to version 4.4.5 or later. For PHP versions prior to 5.2.1, update to version 5.2.1 or later.