Description

Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.

Remediation

References

CVE-2007-1286

Related Vulnerabilities

WordPress Cross-Site Scripting Vulnerability (3.0 - 3.6.1)

Envoy Proxy Reachable Assertion Vulnerability (CVE-2021-29258)

WordPress Plugin Conditional Payments for WooCommerce Cross-Site Request Forgery (2.3.1)

WebLogic CVE-2019-2615 Vulnerability (CVE-2019-2615)

WordPress Plugin Comment Extra Fields Multiple Cross-Site Scripting Vulnerabilities (1.7)

Severity

Medium

Classification

CVE-2007-1286

Tags

Missing Update Known Vulnerabilities