CVE-2006-1990

Public Exploit

Description

Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396.

5.0

CVSS

Severity: Medium

CVSS 2.0 •

EPSS 0.96% Top 25%

Vendor Advisory turbolinux.com Vendor Advisory novell.com Vendor Advisory mandriva.com Vendor Advisory gentoo.org Vendor Advisory redhat.com Vendor Advisory ubuntu.com Vendor Advisory redhat.com Vendor Advisory redhat.com Vendor Advisory mandriva.com Vendor Advisory apple.com Vendor Advisory sgi.com

Affected: n/a n/a

References

Link	Tags
http://www.vupen.com/english/advisories/2006/4750	vdb entry
http://secunia.com/advisories/21723	third party advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/26001	vdb entry
https://issues.rpath.com/browse/RPL-683
http://secunia.com/advisories/21252	third party advisory
http://securitytracker.com/id?1015979	vdb entry
http://secunia.com/advisories/20222	third party advisory
http://docs.info.apple.com/article.html?artnum=304829
http://www.turbolinux.com/security/2006/TLSA-2006-38.txt	vendor advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-160.htm
http://secunia.com/advisories/21050	third party advisory
http://www.novell.com/linux/security/advisories/2006_31_php.html	vendor advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:091	vendor advisory
http://security.gentoo.org/glsa/glsa-200605-08.xml	vendor advisory
http://secunia.com/advisories/20269	third party advisory
http://www.redhat.com/support/errata/RHSA-2006-0568.html	vendor advisory
http://secunia.com/advisories/21135	third party advisory
http://secunia.com/advisories/20676	third party advisory
http://www.ubuntu.com/usn/usn-320-1	vendor advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9696	vdb entry signature
http://secunia.com/advisories/19803	third party advisory
http://www.securityfocus.com/archive/1/447866/100/0/threaded	mailing list
http://www.redhat.com/support/errata/RHSA-2006-0501.html	vendor advisory
http://secunia.com/advisories/23155	third party advisory
http://rhn.redhat.com/errata/RHSA-2006-0549.html	vendor advisory
http://secunia.com/advisories/22225	third party advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:122	vendor advisory
http://secunia.com/advisories/21125	third party advisory
http://www.infigo.hr/en/in_focus/advisories/INFIGO-2006-04-02	exploit
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html	vendor advisory
http://www.vupen.com/english/advisories/2006/1500	vdb entry
http://www.us-cert.gov/cas/techalerts/TA06-333A.html	third party advisory us government resource
http://secunia.com/advisories/21031	third party advisory
http://secunia.com/advisories/20052	third party advisory
http://secunia.com/advisories/21564	third party advisory
ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U	vendor advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-175.htm

Frequently Asked Questions

What is the severity of CVE-2006-1990?: CVE-2006-1990 has been scored as a medium severity vulnerability.
How to fix CVE-2006-1990?: To fix CVE-2006-1990, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2006-1990 being actively exploited in the wild?: It is possible that CVE-2006-1990 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.