Description
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name before a numerical variable.
Remediation
References