Common Vulnerabilities and Exposures assigned an identifier CVE-2010-1866 to the following vulnerability: The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder. Reference: http://php-security.org/2010/05/02/mops-2010-003-php-dechunk-filter-signed-comparison-vulnerability/index.html
Created attachment 434377 [details] MOPS-2010-003 reproducer
dechunk filter is not available in pre-5.3 PHP versions. Statement: Not vulnerable. This issue did not affect the versions of php as shipped with Red Hat Enterprise Linux 3, 4, or 5, and Red Hat Application Stack v2.
Upstream commit: http://svn.php.net/viewvc?view=revision&revision=298700