Description

Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.

Remediation

References

CVE-2007-1286

Related Vulnerabilities

Oracle Database Server CVE-2011-3511 Vulnerability (CVE-2011-3511)

WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (3.5.3)

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2042)

WordPress Plugin VideoWhisper Video Presentation 'vw_upload.php' Arbitrary File Upload (3.17)

WordPress Plugin CBX Bookmark & Favorite Cross-Site Scripting (1.6.8)

Severity

Medium

Classification

CVE-2007-1286

Tags

Missing Update Known Vulnerabilities