VYPR
Unrated severityNVD Advisory· Published Apr 6, 2007· Updated Jun 16, 2026

CVE-2007-1886

CVE-2007-1886

Description

Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."

Affected products

3
  • PHP/PHP3 versions
    cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
    • (no CPE)range: 4.4.5, 5.2.1

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.