PHP 5 'php_sprintf_appendstring()' Remote Integer Overflow Vulnerability

PHP 5 is prone to an integer-overflow vulnerability because the software fails to ensure that integer values are not overrun.

Successful exploits of this vulnerability allow remote attackers to execute arbitrary machine code in the context of a webserver affected by the issue. Failed attempts will likely result in denial-of-service conditions.

PHP 5.2.5 and prior versions are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus