CVE-2007-0988

Vulnerability Description

The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an "a:2147483649:{" argument.

CVSS Score

Affected Products

Related Weaknesses (CWE)

References

• ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.ascBroken Link
• http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228858Issue TrackingThird Party Advisory
• http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objeBroken Link
• http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objeBroken Link
• http://osvdb.org/32762Broken Link
• http://rhn.redhat.com/errata/RHSA-2007-0089.htmlThird Party Advisory
• http://secunia.com/advisories/24195Third Party Advisory
• http://secunia.com/advisories/24217Third Party Advisory
• http://secunia.com/advisories/24236Third Party Advisory
• http://secunia.com/advisories/24248Third Party Advisory
• http://secunia.com/advisories/24284Third Party Advisory
• http://secunia.com/advisories/24295Third Party Advisory
• http://secunia.com/advisories/24322Third Party Advisory
• http://secunia.com/advisories/24419Third Party Advisory
• http://secunia.com/advisories/24421Third Party Advisory