NVD

Id
56951  
Name
CVE-2007-4840  
Description
PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the out_charset parameter to the iconv function; or a long string in the charset parameter to the (2) iconv_mime_decode_headers, (3) iconv_mime_decode, or (4) iconv_strlen function. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-07  
Published
2007-09-12  
Modified Date
2011-03-07  
Seq
2007-4840  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
290686 56951 CVE-2007-4840 SUSE-SA:2008:004  View
290687 56951 CVE-2007-4840 3122  View
290688 56951 CVE-2007-4840 http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242  View
290689 56951 CVE-2007-4840 GLSA-200710-02  View
290690 56951 CVE-2007-4840 20070906 PHP <= 5.2.4 multiple Iconv functions denial of service  View
290691 56951 CVE-2007-4840 HPSBUX02332  View
290692 56951 CVE-2007-4840 https://issues.rpath.com/browse/RPL-1943  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
52256 JVNDB-2007-000946 PHP の複数の関数におけるサービス運用妨害 (DoS) の脆弱性 PHP の複数の関数には out_charset パラメータもしくは charset パラメータの処理に不備が存在するために、サービス運用妨害 (DoS) 状態となる脆弱性が存在します。 CVE-2007-4840 28195 CVE-2007-4840 56951 5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000946.html 2007-09-12 2008-05-21 View