Loading...
Loading...
Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an out-of-bounds read. NOTE: this affects different product versions than CVE-2007-3996.
September 4, 2007
April 23, 2026
See which npm, PyPI, Go, and Maven packages are affected by CVE-2007-4657
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.