CVE-2007-1383

Name of the Vulnerable Software and Affected Versions PHP versions 4

Description The issue is caused by an integer overflow in the 16-bit variable reference counter, allowing context-dependent attackers to execute arbitrary code. This occurs when the same variable is destroyed twice due to the overflow. A local attacker may bypass restrictions or launch local root exploits against the affected system by creating a large number of references for a specific variable, resulting in a double destruction of the underlying variable. This may allow a local attacker to execute arbitrary code within the process executing PHP, resulting in a loss of integrity.

Recommendations For PHP version 4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.