PHP 5 Substr_Count Integer Overflow Vulnerability

PHP 5 is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun.

A local attacker can exploit this vulnerability to obtain sensitive information (such as stack offsets, variables, and canaries) that may aid in other attacks.

PHP 5.2.1 and earlier versions are reported vulnerable to this issue.

NOTE: This issue is closely related to the one described in BID 22851 (PHP 5 Substr_Compare Integer Overflow Vulnerability).


Privacy Statement
Copyright 2010, SecurityFocus