PT-2007-2964 · PHP · PHP

Stefan Esser · Published 2007-03-21 · Updated 2018-10-30 · CVE-2007-1581

CVSS v2.0: 9.3 High

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: PHP versions 5.0.0 through 5.3.2

Description: The resource system in PHP allows context-dependent attackers to execute arbitrary code by interrupting the hash_update_file function via a userspace (1) error or (2) stream handler, which can then be used to destroy and modify internal resources.

Recommendations: For PHP versions 5.0.0 through 5.3.2, consider disabling the hash_update_file function until a patch is available to prevent exploitation. Restrict access to the resource system to minimize the risk of arbitrary code execution.

Exploit

Fix

Code Injection

Weakness Enumeration

Related Identifiers

CVE-2007-1581

Affected Products

PHP