FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-0988

This CVE name corresponds to:

Entered	Topic
2007-02-17	php -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2007-0988 at cve.mitre.org

Details

Type	Candidate
Name	CVE-2007-0988
Phase	Assigned(20070216)

Description

The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an "a:2147483649:{" argument.

References

Source	Reference
BUGTRAQ	20070227 rPSA-2007-0043-1 php php-mysql php-pgsql
MISC	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228858
MISC	http://www.php.net/releases/5_2_1.php
MISC	http://www.php-security.org/MOPB/MOPB-05-2007.html
CONFIRM	https://issues.rpath.com/browse/RPL-1088
CONFIRM	http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm
CONFIRM	http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm
DEBIAN	DSA-1264
GENTOO	GLSA-200703-21
HP	HPSBMA02215
HP	SSRT071423
HP	HPSBTU02232
HP	SSRT071429
MANDRIVA	MDKSA-2007:048
OPENPKG	OpenPKG-SA-2007.010
REDHAT	RHSA-2007:0076
REDHAT	RHSA-2007:0081
REDHAT	RHSA-2007:0089
REDHAT	RHSA-2007:0088
REDHAT	RHSA-2007:0082
SGI	20070201-01-P
SUSE	SUSE-SA:2007:032
TRUSTIX	2007-0009
UBUNTU	USN-424-1
UBUNTU	USN-424-2
OVAL	oval:org.mitre.oval:def:11092
VUPEN	ADV-2007-1991
VUPEN	ADV-2007-2374
OSVDB	32762
SECTRACK	1017671
SECUNIA	24195
SECUNIA	24217
SECUNIA	24248
SECUNIA	24236
SECUNIA	24295
SECUNIA	24322
SECUNIA	24432
SECUNIA	24421
SECUNIA	24606
SECUNIA	24642
SECUNIA	25056
SECUNIA	25423
SECUNIA	24284
SECUNIA	24419
SECUNIA	25850
SREASON	2315
XF	php-zendhashinit-dos(32709)