VDB
CVE-2006-1991
CVE-2006-1991
PUBLISHED
Reported by redhat · Published April 24, 2006
The substr_compare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service (memory access violation) via an out-of-bounds offset argument.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, *, * |
Timeline
- Apr 24, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 1, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- 1015979 vdb-entryx_refsource_SECTRACK
- php-substrcompare-length-dos(26003) vdb-entryx_refsource_XF
- SUSE-SA:2006:031 vendor-advisoryx_refsource_SUSE
- MDKSA-2006:091 vendor-advisoryx_refsource_MANDRAKE
- GLSA-200605-08 vendor-advisoryx_refsource_GENTOO
- 20269 third-party-advisoryx_refsource_SECUNIA
- 20676 third-party-advisoryx_refsource_SECUNIA
- USN-320-1 vendor-advisoryx_refsource_UBUNTU
- 21125 third-party-advisoryx_refsource_SECUNIA
- x_refsource_MISC
- ADV-2006-1500 vdb-entryx_refsource_VUPEN
- 20052 third-party-advisoryx_refsource_SECUNIA