PT-2007-5923 · Php+1 · Php+1

Published

2007-09-10

Updated

2024-06-15

CVE-2007-4783

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: PHP versions 5.2.4 and earlier

Description: The issue allows context-dependent attackers to cause a denial of service, either by crashing the application via a long string in the charset parameter, likely requiring a long string in the str parameter, or by causing a temporary application hang via a long string in the str parameter.

Recommendations: For PHP versions 5.2.4 and earlier, consider updating to a newer version to mitigate the risk of denial of service attacks. As a temporary workaround, consider restricting the length of strings passed to the iconv substr function to prevent potential crashes or hangs.

Fix

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2007-4783

HPSBUX02332

OPENSUSE-SU-2024:11167-1

OPENSUSE-SU-2024:11169-1

Affected Products

Hp-Ux

Php

PT-2007-5923 · Php+1 · Php+1

CVE-2007-4783

Weakness Enumeration

Related Identifiers

Affected Products

References · 124