Description

Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."

Remediation

References

CVE-2007-1886

Related Vulnerabilities

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1999006)

WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.28)

WordPress Plugin Secure File Manager Remote Code Execution (2.8.1)

WebLogic CVE-2020-5421 Vulnerability (CVE-2020-5421)

WordPress Plugin PowerPack for Beaver Builder Privilege Escalation (2.33.0)

Severity

Medium

Classification

CVE-2007-1886

Tags

Missing Update Known Vulnerabilities