Описание
Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00606
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
около 18 лет назад
Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2. ...
github
около 3 лет назад
Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."
EPSS
Процентиль: 69%
0.00606
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other