Description

Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."

Remediation

References

CVE-2007-1886

Related Vulnerabilities

WordPress Plugin Easy Testimonial Manager SQL Injection (1.2.0)

WordPress Plugin Banner Effect Header Cross-Site Request Forgery (1.2.6)

Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8707)

WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.27)

WordPress Plugin Count per Day Multiple Cross-Site Scripting Vulnerabilities (3.5.4)

Severity

Medium

Classification

CVE-2007-1886

Tags

Missing Update Known Vulnerabilities