Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote attackers to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend Engine ecalloc function (Zend/zend_alloc.c).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2006-10-09T18:00:00
Updated: 2024-08-07T19:23:41.021Z
Reserved: 2006-09-15T00:00:00
Link: CVE-2006-4812
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-10-10T04:06:00.000
Modified: 2024-11-21T00:16:48.757
Link: CVE-2006-4812
Redhat