CVE-2007-4784

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.2.4

Description: The issue allows context-dependent attackers to cause a denial of service, resulting in an application crash, by providing a long string in the locale parameter to the setlocale function. This might not be considered a vulnerability in most web server environments that support multiple threads, unless it can be demonstrated to allow code execution.

Recommendations: For PHP versions prior to 5.2.4, update to version 5.2.4 or later to resolve the issue. As a temporary workaround, consider restricting the length of the string passed to the locale parameter in the setlocale function to prevent denial of service attacks.