Description

PHP 5.2.1 allows context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with S:, which does not properly track the number of input bytes being processed.

Remediation

References

CVE-2007-1649

Related Vulnerabilities

Next.js Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-5284)

WordPress Other Vulnerability (CVE-2007-1230)

WordPress Plugin Simple Login Log Multiple Vulnerabilities (0.9.3)

PostgreSQL Other Vulnerability (CVE-1999-0862)

WordPress Plugin Mikiurl WordPress Eklentisi Cross-Site Request Forgery (2.0)

Severity

High

Classification

CVE-2007-1649

Tags

Missing Update Known Vulnerabilities