CVE-2007-1883

Name of the Vulnerable Software and Affected Versions: PHP versions 4.0.0 through 4.4.6 PHP versions 5.0.0 through 5.2.1

Description: The issue allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler, changing a parameter to an arbitrary pointer. This is demonstrated via the iptcembed function, which calls certain convert to * functions with its input parameters.

Recommendations: For PHP versions 4.0.0 through 4.4.6, update to a version outside of this range to resolve the issue. For PHP versions 5.0.0 through 5.2.1, update to a version outside of this range to resolve the issue.