Public Date:
242032: CVE-2007-2872 php chunk_split integer overflow

The MITRE CVE dictionary describes this issue as:

Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.

Find out more about CVE-2007-2872 from the MITRE CVE dictionary dictionary and NIST NVD.


Red Hat is aware of this issue and is tracking it via the following bug:

The Red Hat Security Response Team has rated this issue as having moderate security impact, a future update may address this flaw.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (php) RHSA-2007:0890 2007-09-20
Red Hat Application Stack v1 for Enterprise Linux AS (v.4) (php) RHSA-2007:0891 2007-10-25
Red Hat Enterprise Linux 2.1 (php) RHSA-2007:0888 2007-10-23
Red Hat Enterprise Linux 3 (php) RHSA-2007:0889 2007-09-26
Red Hat Enterprise Linux 5 (php) RHSA-2007:0890 2007-09-20
Last Modified

CVE description copyright © 2017, The MITRE Corporation