Security Advisory

CVE-2007-1777

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-03-30 01:00:00

Last updated 2024-08-07 13:06:26

Assigner mitre

State PUBLISHED

Description

Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 allows remote attackers to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overflow.

← Browse all CVEs View on cve.org ↗