ID CVE-2007-1584
Summary Buffer underflow in the header function in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by passing an all-whitespace string to this function, which causes it to write '\0' characters in whitespace that precedes the string.
References
Vulnerable Configurations
  • cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 11-10-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
exploit-db 3517
misc http://www.php-security.org/MOPB/MOPB-25-2007.html
statements via4
contributor Mark J Cox
lastmodified 2007-05-01
organization Red Hat
statement This CVE name is a duplicate as the vulnerability is addressed by CVE-2007-0907.
Last major update 11-10-2017 - 01:31
Published 21-03-2007 - 23:19
Back to Top