Description

The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name before a numerical variable.

Remediation

References

CVE-2007-0908

Related Vulnerabilities

WordPress Plugin Search Everything SQL Injection (8.1.5)

WordPress Plugin 1 Flash Gallery Cross-Site Scripting and SQL Injection Vulnerabilities (0.2.5)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7832)

Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2018-16890)

Moodle Improper Authentication Vulnerability (CVE-2014-0214)

Severity

Medium

Classification

CVE-2007-0908 CWE-20

Tags

Missing Update Known Vulnerabilities