CVE-2007-2872 | SynScan

Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2007-2872

Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.

Published: Jun 4, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-2872
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-189

Affected Software
References

Software	From	Fixed in
php / php	5.1.5	5.1.5.x
php / php	5.1.2	5.1.2.x
php / php	5.1.1	5.1.1.x
php / php	5.1.6	5.1.6.x
php / php	5.2.2	5.2.2.x
php / php	5.0.5	5.0.5.x
php / php	5.0.1	5.0.1.x
php / php	5.1.4	5.1.4.x
php / php	5.0.4	5.0.4.x
php / php	-	4.4.7.x
php / php	5.0.3	5.0.3.x
php / php	5.1.0	5.1.0.x
php / php	5.2.0	5.2.0.x
php / php	5.1.3	5.1.3.x
php / php	5.0.2	5.0.2.x
php / php	5.2.1	5.2.1.x
php / php	5.0.0	5.0.0.x