CVE-2006-1990

Severity

50%

Complexity

99%

Confidentiality

48%

Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396.

Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P).

Overview

Type

PHP PHP

First reported 18 years ago

2006-04-24 23:02:00

Last updated 6 years ago

2018-10-18 16:37:00

Affected Software

PHP PHP 4.4.2

4.4.2

PHP PHP 5.1.2

5.1.2

References

20060701-01-U

http://docs.info.apple.com/article.html?artnum=304829

APPLE-SA-2006-11-28

RHSA-2006:0549

19803

20052

20222

20269

20676

21031

21050

21125

21135

21252

21564

21723

22225

23155

GLSA-200605-08

1015979

http://support.avaya.com/elmodocs2/security/ASA-2006-160.htm

http://support.avaya.com/elmodocs2/security/ASA-2006-175.htm

http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-04-02

Exploit

MDKSA-2006:091

MDKSA-2006:122

SUSE-SA:2006:031

RHSA-2006:0501

RHSA-2006:0568

20061005 rPSA-2006-0182-1 php php-mysql php-pgsql

TLSA-2006-38

USN-320-1

TA06-333A

US Government Resource

ADV-2006-1500

ADV-2006-4750

php-wordwrap-string-bo(26001)

https://issues.rpath.com/browse/RPL-683

oval:org.mitre.oval:def:9696

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.