PT-2006-2974 · Php+1

Published 2006-04-24 · Updated 2018-10-18 · CVE-2006-1990

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

PHP versions 4.3.11 and prior
PHP versions 4.4.2 and prior
PHP versions 5.0.5 and prior
PHP versions 5.1.3 RC1 and prior

Description

The issue covers multiple problems in PHP, including a buffer overflow error in the wordwrap() function, an error in the array_fill() function that can lead to memory exhaustion, and an input validation error in the substr_compare() function that can cause a denial of service. Remote attackers or malicious users could exploit these issues to execute arbitrary commands or exhaust system resources.

Recommendations

For PHP versions 4.3.11 and prior, 4.4.2 and prior, 5.0.5 and prior, and 5.1.3 RC1 and prior, consider upgrading to a newer version to address the vulnerabilities. As a temporary workaround, consider restricting the use of the wordwrap(), array_fill(), and substr_compare() functions until a patch is available.

Exploit

Fix


Related Identifiers

CVE-2006-1990
RHSA-2006:0568
RHSA-2006_0568

Affected Products

Php
Red Hat