Required CVE Record Information
Description
The chunk_split function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer overflow. NOTE: this is due to an incomplete fix for CVE-2007-2872.
References 14 Total
- https://launchpad.net/bugs/173043
- lists.opensuse.org: SUSE-SA:2008:004 vendor-advisory
- secunia.com: 28658 third-party-advisory
- gentoo.org: GLSA-200710-02 vendor-advisory
- secunia.com: 27864 third-party-advisory
- http://www.php.net/ChangeLog-5.php#5.2.4
- usn.ubuntu.com: USN-549-1 vendor-advisory
- https://issues.rpath.com/browse/RPL-1702
- secunia.com: 26838 third-party-advisory
- secunia.com: 27102 third-party-advisory
- http://www.php.net/releases/5_2_4.php
- ubuntu.com: USN-549-2 vendor-advisory
- http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.58&r2=1.445.2.14.2.59
- secunia.com: 26642 third-party-advisory