CVE-2007-1285

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions PHP versions 4.x before 4.4.7 PHP versions 5.x before 5.2.2

Description The issue allows remote attackers to cause a denial of service, resulting in stack exhaustion and a PHP crash. This is achieved by using deeply nested arrays, which trigger deep recursion in the variable destruction routines.

Recommendations For PHP versions 4.x before 4.4.7, update to version 4.4.7 or later to resolve the issue. For PHP versions 5.x before 5.2.2, update to version 5.2.2 or later to resolve the issue.

Exploit

Fix

DoS

Uncontrolled Recursion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-674

Related Identifiers

CVE-2007-1285

RHSA-2007:0082

RHSA-2007:0154

RHSA-2007:0155

RHSA-2007:0162

RHSA-2007:0163

RHSA-2007_0082

RHSA-2007_0155

Affected Products

Php

Red Hat

CVE-2007-1285

Weakness Enumeration

Related Identifiers

Affected Products

References · 66