CVE-2007-1777

CVE-2007-1777 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 allows remote attackers to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overflow.

Learn more about our Web Application Penetration Testing UK.