| Revision Date: | 2015-11-16 | Version: | 1 | | Title: | CVE-2007-1380 | | Description: |
The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buffer over-read.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2007-1380
| | Platform(s): | Open Enterprise Server
openSUSE 10.2
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE CORE 9 for IBM POWER
SUSE CORE 9 for IBM S/390 31bit
SUSE CORE 9 for IBM zSeries 64bit
SUSE CORE 9 for Itanium Processor Family
SUSE CORE 9 for x86
SUSE LINUX 10.0
SUSE LINUX 9.3
SuSE Linux Enterprise Server 8 for AMD64
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
SuSE Linux Enterprise Server 8 for IBM zSeries
SuSE Linux Enterprise Server 8 for IPF
SuSE Linux Openexchange Server 4
SUSE LINUX Retail Solution 8
SuSE Linux School Server for i386
SuSE Linux Standard Server 8
UnitedLinux 1.0
| Product(s): | |
|