|Max CVSS||4.3||Min CVSS||2.6||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), whi
|30-10-2018 - 16:25||16-05-2007 - 22:30|
The soap extension in PHP calls php_rand_r with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcrypt_create_iv issue covered by CVE-2007-2727.
|06-11-2012 - 03:39||16-05-2007 - 22:30|