Description

Integer overflow in the substr_compare function in PHP 5.2.1 and earlier allows context-dependent attackers to read sensitive memory via a large value in the length argument, a different vulnerability than CVE-2006-1991.

Remediation

References

CVE-2007-1375

Related Vulnerabilities

Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.9.23)

OpenSSL Improper Access Control Vulnerability (CVE-2016-7054)

PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32028)

Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-42029)

WordPress Plugin WP-Cal 'id' Parameter SQL Injection (0.3)

Severity

Medium

Classification

CVE-2007-1375

Tags

Missing Update Known Vulnerabilities