Published: 10/10/2006 Updated: 30/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Integer overflow in PHP 5 up to 5.1.6 and 4 prior to 4.3.0 allows remote malicious users to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend Engine ecalloc function (Zend/zend_alloc.c).

Vulnerable Product	Search on Vulmon	Subscribe to Product
php php 4.0.4
php php 4.0.5
php php 4.1.1
php php 4.1.2
php php 5.0.1
php php 5.0.2
php php 5.0.3
php php 5.1.1
php php 5.1.2
php php 4.0.3
php php 4.0.7
php php 4.1.0
php php 4.2
php php 5.0.0
php php 5.0
php php 5.1.0
php php 4.0.1
php php 4.0.2
php php 4.2.2
php php 4.2.3
php php 5.1.5
php php 5.1.6
php php 4.0
php php 4.0.6
php php 4.2.0
php php 4.2.1
php php 5.0.4
php php 5.0.5
php php 5.1.3
php php 5.1.4

Debian Bug report logs - #391586 Security: Possible remote-code execution via integer overflow (CVE-2006-4812) Package: php5; Maintainer for php5 is Debian PHP Maintainers <pkg-php-maint@listsaliothdebianorg>; Source for php5 is src:php5 (PTS, buildd, popcon) Reported by: debian-bts@spamblocknetzgehirnde Date: Sat, 7 ...

The stripos() function did not check for invalidly long or empty haystack strings In an application that uses this function on arbitrary untrusted data this could be exploited to crash the PHP interpreter (CVE-2006-4485) ...

source: wwwsecurityfocuscom/bid/20349/info PHP is prone to an integer-overflow vulnerability because the application fails to do proper bounds checking on user-supplied data An attacker can exploit this vulnerability to execute arbitrary code in the context of the affected application Failed exploit attempts will likely cause denial-of ...

CVE-2006-4812

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect