CVE-2007-3998

php floating point exception inside wordwrap

Severity Score

5.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated by a 'chr(0), 0, ""' argument set.

La función wordwrap del PHP 4 anterior al 4.4.8 y el PHP 5 anterior al 5.2.4, no utiliza correctamente la variable breakcharlen, lo que permite a atacantes remotos provocar una denegación de servicio (error de división por cero y caída de la aplicación o bucle infinito) a través de ciertos argumentos, como lo demostrado con el establecimiento del argumento 'chr(0), 0, ""'.

*Credits: N/A

CVSS Scores

NISTv2 5.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-07-25 CVE Reserved
2007-09-04 CVE Published
2024-08-07 CVE Updated
2024-08-15 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (36)

URL	Tag	Source
http://secunia.com/advisories/26642	Third Party Advisory
http://secunia.com/advisories/26822	Third Party Advisory
http://secunia.com/advisories/26838	Third Party Advisory
http://secunia.com/advisories/26871	Third Party Advisory
http://secunia.com/advisories/26895	Third Party Advisory
http://secunia.com/advisories/26930	Third Party Advisory
http://secunia.com/advisories/26967	Third Party Advisory
http://secunia.com/advisories/27102	Third Party Advisory
http://secunia.com/advisories/27377	Third Party Advisory
http://secunia.com/advisories/27545	Third Party Advisory
http://secunia.com/advisories/27864	Third Party Advisory
http://secunia.com/advisories/28249	Third Party Advisory
http://secunia.com/advisories/28658	Third Party Advisory
http://secunia.com/advisories/30288	Third Party Advisory
http://secweb.se/en/advisories/php-wordwrap-vulnerability	Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm	Third Party Advisory
https://issues.rpath.com/browse/RPL-1693	Broken Link
https://issues.rpath.com/browse/RPL-1702	Broken Link
https://launchpad.net/bugs/173043	Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10603	Signature

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html	2018-10-26
http://rhn.redhat.com/errata/RHSA-2007-0889.html	2018-10-26
http://www.debian.org/security/2008/dsa-1444	2018-10-26
http://www.debian.org/security/2008/dsa-1578	2018-10-26
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml	2018-10-26
http://www.mandriva.com/security/advisories?name=MDKSA-2007:187	2018-10-26
http://www.php.net/ChangeLog-5.php#5.2.4	2018-10-26
http://www.php.net/releases/5_2_4.php	2018-10-26
http://www.redhat.com/support/errata/RHSA-2007-0890.html	2018-10-26
http://www.redhat.com/support/errata/RHSA-2007-0891.html	2018-10-26
http://www.trustix.org/errata/2007/0026	2018-10-26
http://www.ubuntu.com/usn/usn-549-2	2018-10-26
https://usn.ubuntu.com/549-1	2018-10-26
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html	2018-10-26
https://access.redhat.com/security/cve/CVE-2007-3998	2007-10-23
https://bugzilla.redhat.com/show_bug.cgi?id=276081	2007-10-23

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Php Search vendor "Php"		Php Search vendor "Php" for product "Php"				>= 4.0.0 < 4.4.8 Search vendor "Php" for product "Php" and version " >= 4.0.0 < 4.4.8"		-		Affected
Php Search vendor "Php"		Php Search vendor "Php" for product "Php"				>= 5.0.0 < 5.2.4 Search vendor "Php" for product "Php" and version " >= 5.0.0 < 5.2.4"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				3.1 Search vendor "Debian" for product "Debian Linux" and version "3.1"		-		Affected
Debian Search vendor "Debian"		Debian Linux Search vendor "Debian" for product "Debian Linux"				4.0 Search vendor "Debian" for product "Debian Linux" and version "4.0"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				6.06 Search vendor "Canonical" for product "Ubuntu Linux" and version "6.06"		lts		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				6.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "6.10"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				7.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "7.04"		-		Affected
Canonical Search vendor "Canonical"		Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux"				7.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "7.10"		-		Affected