diff --git a/ChangeLog b/ChangeLog
index e55b6145e..be6968b8f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,9 @@ phpMyAdmin - ChangeLog
 $Id$
 $Source$
 
+2007-03-01 Sebastian Mendel <cybot_tm@users.sourceforge.net>
+    * libraries/common.lib.php: bug #1671813 CVE-2006-1549 deep recursion crash
+
 2007-01-16 Marc Delisle  <lem9@users.sourceforge.net>
     ### 2.9.2 released from QA_2_9
 
diff --git a/libraries/common.lib.php b/libraries/common.lib.php
index e910f2743..0438c3c7f 100644
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -510,6 +510,10 @@ function PMA_array_merge_recursive()
  */
 function PMA_arrayWalkRecursive(&$array, $function, $apply_to_keys_also = false)
 {
+    static $recursive_counter = 0;
+    if (++$recursive_counter > 1000) {
+        die('possible deep recursion attack');
+    }
     foreach ($array as $key => $value) {
         if (is_array($value)) {
             PMA_arrayWalkRecursive($array[$key], $function, $apply_to_keys_also);
@@ -525,6 +529,7 @@ function PMA_arrayWalkRecursive(&$array, $function, $apply_to_keys_also = false)
             }
         }
     }
+    $recursive_counter++;
 }
 
 /**
@@ -2698,6 +2703,17 @@ if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])
     die('GLOBALS overwrite attempt');
 }
 
+/**
+ * protect against deep recursion attack CVE-2006-1549,
+ * 1000 seems to be more than enough
+ *
+ * @see http://www.php-security.org/MOPB/MOPB-02-2007.html
+ * @see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1549
+ */
+if (count($GLOBALS) > 1000) {
+    die('possible deep recurse attack');
+}
+
 /**
  * Check for numeric keys
  * (if register_globals is on, numeric key can be found in $GLOBALS)