CVE-2006-1990

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396.

References

ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U

http://docs.info.apple.com/article.html?artnum=304829

http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html

http://rhn.redhat.com/errata/RHSA-2006-0549.html

http://secunia.com/advisories/19803

http://secunia.com/advisories/20052

http://secunia.com/advisories/20222

http://secunia.com/advisories/20269

http://secunia.com/advisories/20676

http://secunia.com/advisories/21031

http://secunia.com/advisories/21050

http://secunia.com/advisories/21125

http://secunia.com/advisories/21135

http://secunia.com/advisories/21252

http://secunia.com/advisories/21564

http://secunia.com/advisories/21723

http://secunia.com/advisories/22225

http://secunia.com/advisories/23155

http://security.gentoo.org/glsa/glsa-200605-08.xml

http://securitytracker.com/id?1015979

http://support.avaya.com/elmodocs2/security/ASA-2006-160.htm

http://support.avaya.com/elmodocs2/security/ASA-2006-175.htm

http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-04-02

http://www.mandriva.com/security/advisories?name=MDKSA-2006:091

http://www.mandriva.com/security/advisories?name=MDKSA-2006:122

http://www.novell.com/linux/security/advisories/2006_31_php.html

http://www.redhat.com/support/errata/RHSA-2006-0501.html

http://www.redhat.com/support/errata/RHSA-2006-0568.html

http://www.securityfocus.com/archive/1/447866/100/0/threaded

http://www.turbolinux.com/security/2006/TLSA-2006-38.txt

http://www.ubuntu.com/usn/usn-320-1

http://www.us-cert.gov/cas/techalerts/TA06-333A.html

http://www.vupen.com/english/advisories/2006/1500

http://www.vupen.com/english/advisories/2006/4750

https://exchange.xforce.ibmcloud.com/vulnerabilities/26001

https://issues.rpath.com/browse/RPL-683

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9696

Details

Source: MITRE

Published: 2006-04-24

Updated: 2018-10-18

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*

Tenable Plugins

View all (11 total)

IDNameProductFamilySeverity
27897Ubuntu 5.04 / 5.10 / 6.06 LTS : php4, php5 vulnerabilities (USN-320-1)NessusUbuntu Local Security Checks
high
27389openSUSE 10 Security Update : php5 (php5-1590)NessusSuSE Local Security Checks
medium
3509PHP 5.1.x < 5.1.4 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
medium
22268PHP < 4.4.3 / 5.1.4 Multiple VulnerabilitiesNessusCGI abuses
high
22053Mandrake Linux Security Advisory : php (MDKSA-2006:122)NessusMandriva Local Security Checks
critical
22044RHEL 3 / 4 : php (RHSA-2006:0568)NessusRed Hat Local Security Checks
high
22037CentOS 3 / 4 : php (CESA-2006:0568)NessusCentOS Local Security Checks
high
21602Mandrake Linux Security Advisory : php (MDKSA-2006:091)NessusMandriva Local Security Checks
medium
21594RHEL 2.1 : php (RHSA-2006:0501)NessusRed Hat Local Security Checks
high
21350GLSA-200605-08 : PHP: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
801115PHP < 5.1.4 Multiple VulnerabilitiesLog Correlation EngineWeb Servers
high