[php5] [CVE-2007-4887] possible denial of service
Bug #162170 reported by
disabled.user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
php5 (Ubuntu) |
Won't Fix
|
Wishlist
|
Unassigned |
Bug Description
Binary package hint: php5
References:
[1] http://
[2] http://
From [1]:
"The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerability."
CVE References
To post a comment you must log in.
Thanks for the report. This CVE is not considered a real security issue since it is just a script-author-local crash of a PHP instance without evidence of controllable memory corruption.