Red Hat Bugzilla – Bug 285901
CVE-2007-4784 php crash in setlocale() function
Last modified: 2007-11-29 09:44:08 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-4784 to the following vulnerability:
The setlocale function in PHP before 5.2.4 allows context-dependent attackers to cause a denial of service (application crash) via a long string in the locale parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless this issue can be demonstrated for code execution.
We do not consider this to be a security issue. For more information please see
This issue was addressed in upstream PHP 5.2.5, patch: