Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2007-AVI-201
Vulnerability from certfr_avis
Plusieurs vulnérabilités avaient été identifiées à l'occasion du MoPB (le Month Of PHP Bugs). L'exploitation de ces dernières peut avoir divers impacts sur le serveur vulnérable. Les mises à jour récentes de PHP corrigent la plupart de ces vulnérabilités.
Description
Plusieurs vulnérabilités avaient été identifiées en mars 2007 à l'occasion du MoPB (le Month Of PHP Bugs). A cette occasion, le CERTA a publié dans son bulletin d'actualité CERTA-2007-ACT-012 une revue des plus importantes d'entre elles. Les conséquences de l'exploitation de ces dernières sont diverses, pouvant être un dysfonctionnement du serveur vulnérable ou l'exécution de code arbitraire sur celui-ci.
Solution
Se référer aux bulletins de sécurité des différents éditeurs pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "PHP 5, pour les versions ant\u00e9rieures \u00e0 5.2.2.",
"product": {
"name": "PHP",
"vendor": {
"name": "PHP",
"scada": false
}
}
},
{
"description": "PHP 4, pour les versions ant\u00e9rieures \u00e0 4.4.7 ;",
"product": {
"name": "PHP",
"vendor": {
"name": "PHP",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s avaient \u00e9t\u00e9 identifi\u00e9es en mars 2007 \u00e0\nl\u0027occasion du MoPB (le Month Of PHP Bugs). A cette occasion, le CERTA a\npubli\u00e9 dans son bulletin d\u0027actualit\u00e9 CERTA-2007-ACT-012 une revue des\nplus importantes d\u0027entre elles. Les cons\u00e9quences de l\u0027exploitation de\nces derni\u00e8res sont diverses, pouvant \u00eatre un dysfonctionnement du\nserveur vuln\u00e9rable ou l\u0027ex\u00e9cution de code arbitraire sur celui-ci.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 des diff\u00e9rents \u00e9diteurs pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2007-1583",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1583"
},
{
"name": "CVE-2007-1889",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1889"
},
{
"name": "CVE-2007-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1380"
},
{
"name": "CVE-2007-1711",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1711"
},
{
"name": "CVE-2007-1900",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1900"
},
{
"name": "CVE-2007-1718",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1718"
},
{
"name": "CVE-2007-1887",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1887"
},
{
"name": "CVE-2007-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1376"
},
{
"name": "CVE-2007-1521",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1521"
},
{
"name": "CVE-2007-1375",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1375"
},
{
"name": "CVE-2007-1001",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1001"
},
{
"name": "CVE-2007-0455",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0455"
},
{
"name": "CVE-2007-1700",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1700"
},
{
"name": "CVE-2007-1453",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1453"
},
{
"name": "CVE-2007-1824",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1824"
},
{
"name": "CVE-2007-1777",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1777"
},
{
"name": "CVE-2007-1454",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1454"
},
{
"name": "CVE-2007-1286",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1286"
}
],
"initial_release_date": "2007-05-07T00:00:00",
"last_revision_date": "2007-05-29T00:00:00",
"links": [
{
"title": "Mise \u00e0 jour de s\u00e9curit\u00e9 Fedora Core 6 du 18 avril 2007 :",
"url": "http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-455-1 du 27 avril 2007 :",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2007:090 du 18 avril 2007 :",
"url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"title": "Site de t\u00e9l\u00e9chargement des derni\u00e8res versions PHP :",
"url": "http://fr2.php.net/downloads.php"
},
{
"title": "Note de changement de version pour PHP 4 version 4.4.7 :",
"url": "http://www.php.net/ChangeLog-4.php"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2007:087 du 18 avril 2007 :",
"url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2007:091 du 18 avril 2007 :",
"url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2007:091"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200705-19 du 26 mai 2007 :",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200705-19.xml"
},
{
"title": "Bulletin d\u0027actualit\u00e9 CERTA-2007-ACT-012 du 23 mars 2007 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2007-ACT-012.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SuSE SUSE-SA:2007:032 du 23 mai 2007 :",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-May/0007.html"
},
{
"title": "Note de changement de version pour PHP 5 version 5.2.2 :",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 1283-1 du 29 avril 2007 :",
"url": "http://www.debian.org/security/2007/dsa-1283-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2007:089 du 18 avril 2007 :",
"url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2007:089"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2007:0155 du 16 avril 2007 :",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2007:088 du 18 avril 2007 :",
"url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2007:0153 du 20 avril 2007 :",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0153.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA 1282-1 du 26 avril 2007 :",
"url": "http://www.debian.org/security/2007/dsa-1282-1"
}
],
"reference": "CERTA-2007-AVI-201",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2007-05-07T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u0155ences aux bulletins de s\u00e9curit\u00e9 Gentoo, SuSE, Mandriva, Red Hat.",
"revision_date": "2007-05-29T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s avaient \u00e9t\u00e9 identifi\u00e9es \u00e0 l\u0027occasion du MoPB\n(le \u003cspan class=\"textit\"\u003eMonth Of PHP Bugs\u003c/span\u003e). L\u0027exploitation de\nces derni\u00e8res peut avoir divers impacts sur le serveur vuln\u00e9rable. Les\nmises \u00e0 jour r\u00e9centes de PHP corrigent la plupart de ces vuln\u00e9rabilit\u00e9s.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans PHP",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins des mises \u00e0 jour PHP du 03 mai 2007",
"url": null
}
]
}
CVE-2007-1380 (GCVE-0-2007-1380)
Vulnerability from cvelistv5
Published
2007-03-10 00:00
Modified
2024-08-07 12:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buffer over-read.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.258Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1991",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25056"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-10-2007.html"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "SSRT071423",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "24606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24606"
},
{
"name": "24514",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24514"
},
{
"name": "HPSBTU02232",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "GLSA-200703-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"name": "22805",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22805"
},
{
"name": "SSRT071429",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "ADV-2007-2374",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"name": "SUSE-SA:2007:020",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html"
},
{
"name": "25423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25423"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "3413",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3413"
},
{
"name": "DSA-1282",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"name": "oval:org.mitre.oval:def:10792",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10792"
},
{
"name": "HPSBMA02215",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "25850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25850"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "25025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25025"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buffer over-read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-1991",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25056"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-10-2007.html"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "SSRT071423",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "24606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24606"
},
{
"name": "24514",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24514"
},
{
"name": "HPSBTU02232",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "GLSA-200703-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"name": "22805",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22805"
},
{
"name": "SSRT071429",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "ADV-2007-2374",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"name": "SUSE-SA:2007:020",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html"
},
{
"name": "25423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25423"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "3413",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3413"
},
{
"name": "DSA-1282",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"name": "oval:org.mitre.oval:def:10792",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10792"
},
{
"name": "HPSBMA02215",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "25850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25850"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "25025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25025"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buffer over-read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1991",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-10-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-10-2007.html"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "SSRT071423",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "24606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24606"
},
{
"name": "24514",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24514"
},
{
"name": "HPSBTU02232",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "GLSA-200703-21",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"name": "22805",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22805"
},
{
"name": "SSRT071429",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "ADV-2007-2374",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"name": "SUSE-SA:2007:020",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html"
},
{
"name": "25423",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25423"
},
{
"name": "USN-455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "3413",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3413"
},
{
"name": "DSA-1282",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"name": "oval:org.mitre.oval:def:10792",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10792"
},
{
"name": "HPSBMA02215",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "25850",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25850"
},
{
"name": "25057",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "25025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25025"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1380",
"datePublished": "2007-03-10T00:00:00",
"dateReserved": "2007-03-09T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1700 (GCVE-0-2007-1700)
Vulnerability from cvelistv5
Published
2007-03-27 01:00
Modified
2024-08-07 13:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the session_register after unsetting HTTP_SESSION_VARS and _SESSION, which destroys the session data Hashtable.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:26.206Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1991",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "SSRT071423",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-30-2007.html"
},
{
"name": "23119",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23119"
},
{
"name": "HPSBTU02232",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "SSRT071429",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "ADV-2007-2374",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"name": "25423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25423"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "HPSBMA02215",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "25850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25850"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25445"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "php-session-extension-code-execution(33520)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33520"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the session_register after unsetting HTTP_SESSION_VARS and _SESSION, which destroys the session data Hashtable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-1991",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "SSRT071423",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-30-2007.html"
},
{
"name": "23119",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23119"
},
{
"name": "HPSBTU02232",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "SSRT071429",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "ADV-2007-2374",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"name": "25423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25423"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "HPSBMA02215",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "25850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25850"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25445"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "php-session-extension-code-execution(33520)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33520"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1700",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the session_register after unsetting HTTP_SESSION_VARS and _SESSION, which destroys the session data Hashtable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1991",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "SSRT071423",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "GLSA-200705-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-30-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-30-2007.html"
},
{
"name": "23119",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23119"
},
{
"name": "HPSBTU02232",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "SSRT071429",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "ADV-2007-2374",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"name": "25423",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25423"
},
{
"name": "USN-455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "HPSBMA02215",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "25850",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25850"
},
{
"name": "25445",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25445"
},
{
"name": "25057",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25057"
},
{
"name": "php-session-extension-code-execution(33520)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33520"
},
{
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1700",
"datePublished": "2007-03-27T01:00:00",
"dateReserved": "2007-03-26T00:00:00",
"dateUpdated": "2024-08-07T13:06:26.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1286 (GCVE-0-2007-1286)
Vulnerability from cvelistv5
Published
2007-03-06 20:00
Modified
2024-08-07 12:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:34.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2007-0009",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2007/0009/"
},
{
"name": "ADV-2007-1991",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "SSRT071423",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "24606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24606"
},
{
"name": "RHSA-2007:0154",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
},
{
"name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "24941",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24941"
},
{
"name": "HPSBTU02232",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "GLSA-200703-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"name": "php-zval-code-execution(32796)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32796"
},
{
"name": "SSRT071429",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "ADV-2007-2374",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"name": "25423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25423"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-04-2007.html"
},
{
"name": "24419",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24419"
},
{
"name": "MDKSA-2007:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"name": "24945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24945"
},
{
"name": "DSA-1282",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"name": "HPSBMA02215",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "24924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24924"
},
{
"name": "RHSA-2007:0155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "24910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24910"
},
{
"name": "25850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25850"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25445"
},
{
"name": "RHSA-2007:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
},
{
"name": "oval:org.mitre.oval:def:11575",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11575"
},
{
"name": "22765",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22765"
},
{
"name": "25025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25025"
},
{
"name": "32771",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/32771"
},
{
"name": "MDKSA-2007:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2007-0009",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2007/0009/"
},
{
"name": "ADV-2007-1991",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "SSRT071423",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "24606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24606"
},
{
"name": "RHSA-2007:0154",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
},
{
"name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "24941",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24941"
},
{
"name": "HPSBTU02232",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "GLSA-200703-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"name": "php-zval-code-execution(32796)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32796"
},
{
"name": "SSRT071429",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "ADV-2007-2374",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"name": "25423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25423"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-04-2007.html"
},
{
"name": "24419",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24419"
},
{
"name": "MDKSA-2007:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"name": "24945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24945"
},
{
"name": "DSA-1282",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"name": "HPSBMA02215",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "24924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24924"
},
{
"name": "RHSA-2007:0155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "24910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24910"
},
{
"name": "25850",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25850"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25445"
},
{
"name": "RHSA-2007:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
},
{
"name": "oval:org.mitre.oval:def:11575",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11575"
},
{
"name": "22765",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22765"
},
{
"name": "25025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25025"
},
{
"name": "32771",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/32771"
},
{
"name": "MDKSA-2007:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2007-0009",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0009/"
},
{
"name": "ADV-2007-1991",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "SSRT071423",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "24606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24606"
},
{
"name": "RHSA-2007:0154",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
},
{
"name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"name": "GLSA-200705-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "24941",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24941"
},
{
"name": "HPSBTU02232",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "GLSA-200703-21",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"name": "php-zval-code-execution(32796)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32796"
},
{
"name": "SSRT071429",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "ADV-2007-2374",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"name": "25423",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25423"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-04-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-04-2007.html"
},
{
"name": "24419",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24419"
},
{
"name": "MDKSA-2007:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"name": "24945",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24945"
},
{
"name": "DSA-1282",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"name": "https://issues.rpath.com/browse/RPL-1268",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"name": "HPSBMA02215",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"name": "24924",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24924"
},
{
"name": "RHSA-2007:0155",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "24910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24910"
},
{
"name": "25850",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25850"
},
{
"name": "25445",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25445"
},
{
"name": "RHSA-2007:0163",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
},
{
"name": "oval:org.mitre.oval:def:11575",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11575"
},
{
"name": "22765",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22765"
},
{
"name": "25025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25025"
},
{
"name": "32771",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32771"
},
{
"name": "MDKSA-2007:088",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1286",
"datePublished": "2007-03-06T20:00:00",
"dateReserved": "2007-03-06T00:00:00",
"dateUpdated": "2024-08-07T12:50:34.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1889 (GCVE-0-2007-1889)
Vulnerability from cvelistv5
Published
2007-04-06 01:00
Modified
2024-08-07 13:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msg_receive with the largest positive integer value of maxsize.
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:41.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-43-2007.html"
},
{
"name": "23238",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23238"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-44-2007.html"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "zend-zendmmallocint-bo(33770)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33770"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msg_receive with the largest positive integer value of maxsize."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-43-2007.html"
},
{
"name": "23238",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23238"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-44-2007.html"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "zend-zendmmallocint-bo(33770)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33770"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1889",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer signedness error in the _zend_mm_alloc_int function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msg_receive with the largest positive integer value of maxsize."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-43-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-43-2007.html"
},
{
"name": "23238",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23238"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-44-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-44-2007.html"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "zend-zendmmallocint-bo(33770)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33770"
},
{
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1889",
"datePublished": "2007-04-06T01:00:00",
"dateReserved": "2007-04-05T00:00:00",
"dateUpdated": "2024-08-07T13:13:41.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1777 (GCVE-0-2007-1777)
Vulnerability from cvelistv5
Published
2007-03-30 01:00
Modified
2024-08-07 13:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 allows remote attackers to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overflow.
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:26.393Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-35-2007.html"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "23169",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23169"
},
{
"name": "php-zipreadentry-bo(33652)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33652"
},
{
"name": "DSA-1282",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"name": "MDVSA-2008:130",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:130"
},
{
"name": "25025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25025"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 allows remote attackers to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-35-2007.html"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "23169",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23169"
},
{
"name": "php-zipreadentry-bo(33652)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33652"
},
{
"name": "DSA-1282",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"name": "MDVSA-2008:130",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:130"
},
{
"name": "25025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25025"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1777",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 allows remote attackers to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-35-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-35-2007.html"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "23169",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23169"
},
{
"name": "php-zipreadentry-bo(33652)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33652"
},
{
"name": "DSA-1282",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"name": "MDVSA-2008:130",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:130"
},
{
"name": "25025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25025"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1777",
"datePublished": "2007-03-30T01:00:00",
"dateReserved": "2007-03-29T00:00:00",
"dateUpdated": "2024-08-07T13:06:26.393Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1521 (GCVE-0-2007-1521)
Vulnerability from cvelistv5
Published
2007-03-20 20:00
Modified
2024-08-07 12:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0960",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0960"
},
{
"name": "ADV-2007-2732",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "24505",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24505"
},
{
"name": "APPLE-SA-2007-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "DSA-1282",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-22-2007.html"
},
{
"name": "25159",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25445"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "25025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25025"
},
{
"name": "22968",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22968"
},
{
"name": "26235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26235"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-03-31T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0960",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0960"
},
{
"name": "ADV-2007-2732",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "24505",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24505"
},
{
"name": "APPLE-SA-2007-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "DSA-1282",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-22-2007.html"
},
{
"name": "25159",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25445"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "25025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25025"
},
{
"name": "22968",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22968"
},
{
"name": "26235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26235"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1521",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0960",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0960"
},
{
"name": "ADV-2007-2732",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "24505",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24505"
},
{
"name": "APPLE-SA-2007-07-31",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "GLSA-200705-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "http://us2.php.net/releases/4_4_7.php",
"refsource": "CONFIRM",
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "USN-455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "DSA-1282",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"name": "http://us2.php.net/releases/5_2_2.php",
"refsource": "CONFIRM",
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=306172",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-22-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-22-2007.html"
},
{
"name": "25159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "25445",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25445"
},
{
"name": "25057",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "25025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25025"
},
{
"name": "22968",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22968"
},
{
"name": "26235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26235"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1521",
"datePublished": "2007-03-20T20:00:00",
"dateReserved": "2007-03-20T00:00:00",
"dateUpdated": "2024-08-07T12:59:08.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1376 (GCVE-0-2007-1376)
Vulnerability from cvelistv5
Published
2007-03-10 00:00
Modified
2024-08-07 12:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent attackers to read and write arbitrary memory locations via arguments associated with an inappropriate resource, as demonstrated by a GD Image resource.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "32781",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/32781"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "24606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24606"
},
{
"name": "GLSA-200703-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "3427",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3427"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "22862",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22862"
},
{
"name": "3426",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3426"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25057"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-15-2007.html"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent attackers to read and write arbitrary memory locations via arguments associated with an inappropriate resource, as demonstrated by a GD Image resource."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "32781",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/32781"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "24606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24606"
},
{
"name": "GLSA-200703-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "3427",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3427"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "22862",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22862"
},
{
"name": "3426",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3426"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25057"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-15-2007.html"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1376",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent attackers to read and write arbitrary memory locations via arguments associated with an inappropriate resource, as demonstrated by a GD Image resource."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name": "32781",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32781"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "24606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24606"
},
{
"name": "GLSA-200703-21",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "3427",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3427"
},
{
"name": "USN-455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "22862",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22862"
},
{
"name": "3426",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3426"
},
{
"name": "25057",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25057"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-15-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-15-2007.html"
},
{
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1376",
"datePublished": "2007-03-10T00:00:00",
"dateReserved": "2007-03-09T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1718 (GCVE-0-2007-1718)
Vulnerability from cvelistv5
Published
2007-03-28 00:00
Modified
2024-08-07 13:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a "\r\n\t\n" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:26.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "23145",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23145"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "oval:org.mitre.oval:def:10951",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10951"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "1017946",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017946"
},
{
"name": "RHSA-2007:0162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "php-mailfunction-header-injection(33516)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33516"
},
{
"name": "MDKSA-2007:090",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "24909",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24909"
},
{
"name": "MDKSA-2007:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"name": "DSA-1282",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-34-2007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"name": "24924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24924"
},
{
"name": "RHSA-2007:0155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "24965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24965"
},
{
"name": "MDKSA-2007:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25445"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "25025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25025"
},
{
"name": "MDKSA-2007:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"name": "RHSA-2007:0153",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a \"\\r\\n\\t\\n\" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "23145",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23145"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "oval:org.mitre.oval:def:10951",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10951"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "1017946",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017946"
},
{
"name": "RHSA-2007:0162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "php-mailfunction-header-injection(33516)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33516"
},
{
"name": "MDKSA-2007:090",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "24909",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24909"
},
{
"name": "MDKSA-2007:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"name": "DSA-1282",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-34-2007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"name": "24924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24924"
},
{
"name": "RHSA-2007:0155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "24965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24965"
},
{
"name": "MDKSA-2007:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25445"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "25025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25025"
},
{
"name": "MDKSA-2007:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"name": "RHSA-2007:0153",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1718",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a \"\\r\\n\\t\\n\" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "23145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23145"
},
{
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "oval:org.mitre.oval:def:10951",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10951"
},
{
"name": "GLSA-200705-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "1017946",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017946"
},
{
"name": "RHSA-2007:0162",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "php-mailfunction-header-injection(33516)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33516"
},
{
"name": "MDKSA-2007:090",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"name": "USN-455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "24909",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24909"
},
{
"name": "MDKSA-2007:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"name": "DSA-1282",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-34-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-34-2007.html"
},
{
"name": "http://us2.php.net/releases/5_2_2.php",
"refsource": "CONFIRM",
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"name": "24924",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24924"
},
{
"name": "RHSA-2007:0155",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "24965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24965"
},
{
"name": "MDKSA-2007:089",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
},
{
"name": "25445",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25445"
},
{
"name": "25057",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "25025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25025"
},
{
"name": "MDKSA-2007:088",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"name": "RHSA-2007:0153",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1718",
"datePublished": "2007-03-28T00:00:00",
"dateReserved": "2007-03-27T00:00:00",
"dateUpdated": "2024-08-07T13:06:26.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1887 (GCVE-0-2007-1887)
Vulnerability from cvelistv5
Published
2007-04-06 01:00
Modified
2024-08-07 13:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:41.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27110",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27110"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "ADV-2007-2016",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2016"
},
{
"name": "GLSA-200710-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"name": "oval:org.mitre.oval:def:5348",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5348"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.php.net/releases/5_2_1.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-41-2007.html"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "FEDORA-2007-2215",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "24909",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24909"
},
{
"name": "ADV-2007-3386",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3386"
},
{
"name": "php-sqlitedecodebinary-bo(33766)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33766"
},
{
"name": "23235",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23235"
},
{
"name": "27037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27037"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.php.net/releases/5_2_3.php"
},
{
"name": "SSRT071447",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
},
{
"name": "HPSBUX02262",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
},
{
"name": "27102",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27102"
},
{
"name": "MDKSA-2007:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "MDKSA-2007:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27110",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27110"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "ADV-2007-2016",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2016"
},
{
"name": "GLSA-200710-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"name": "oval:org.mitre.oval:def:5348",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5348"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.php.net/releases/5_2_1.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-41-2007.html"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "FEDORA-2007-2215",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "24909",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24909"
},
{
"name": "ADV-2007-3386",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3386"
},
{
"name": "php-sqlitedecodebinary-bo(33766)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33766"
},
{
"name": "23235",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23235"
},
{
"name": "27037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27037"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.php.net/releases/5_2_3.php"
},
{
"name": "SSRT071447",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
},
{
"name": "HPSBUX02262",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
},
{
"name": "27102",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27102"
},
{
"name": "MDKSA-2007:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "MDKSA-2007:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27110",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27110"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "ADV-2007-2016",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2016"
},
{
"name": "GLSA-200710-02",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"name": "oval:org.mitre.oval:def:5348",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5348"
},
{
"name": "http://www.php.net/releases/5_2_1.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/releases/5_2_1.php"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-41-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-41-2007.html"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "FEDORA-2007-2215",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html"
},
{
"name": "USN-455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "24909",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24909"
},
{
"name": "ADV-2007-3386",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3386"
},
{
"name": "php-sqlitedecodebinary-bo(33766)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33766"
},
{
"name": "23235",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23235"
},
{
"name": "27037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27037"
},
{
"name": "http://www.php.net/releases/5_2_3.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/releases/5_2_3.php"
},
{
"name": "SSRT071447",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
},
{
"name": "HPSBUX02262",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
},
{
"name": "27102",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27102"
},
{
"name": "MDKSA-2007:089",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
},
{
"name": "25057",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25057"
},
{
"name": "MDKSA-2007:088",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1887",
"datePublished": "2007-04-06T01:00:00",
"dateReserved": "2007-04-05T00:00:00",
"dateUpdated": "2024-08-07T13:13:41.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1375 (GCVE-0-2007-1375)
Vulnerability from cvelistv5
Published
2007-03-10 00:00
Modified
2024-08-07 12:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the substr_compare function in PHP 5.2.1 and earlier allows context-dependent attackers to read sensitive memory via a large value in the length argument, a different vulnerability than CVE-2006-1991.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32780",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/32780"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "24606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24606"
},
{
"name": "3424",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3424"
},
{
"name": "22851",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22851"
},
{
"name": "GLSA-200703-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-14-2007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"name": "MDKSA-2007:187",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187"
},
{
"name": "26895",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26895"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the substr_compare function in PHP 5.2.1 and earlier allows context-dependent attackers to read sensitive memory via a large value in the length argument, a different vulnerability than CVE-2006-1991."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32780",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/32780"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "24606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24606"
},
{
"name": "3424",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3424"
},
{
"name": "22851",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22851"
},
{
"name": "GLSA-200703-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-14-2007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"name": "MDKSA-2007:187",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187"
},
{
"name": "26895",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26895"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1375",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the substr_compare function in PHP 5.2.1 and earlier allows context-dependent attackers to read sensitive memory via a large value in the length argument, a different vulnerability than CVE-2006-1991."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32780",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32780"
},
{
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "24606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24606"
},
{
"name": "3424",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3424"
},
{
"name": "22851",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22851"
},
{
"name": "GLSA-200703-21",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "USN-455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-14-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-14-2007.html"
},
{
"name": "http://us2.php.net/releases/5_2_2.php",
"refsource": "CONFIRM",
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"name": "MDKSA-2007:187",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187"
},
{
"name": "26895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26895"
},
{
"name": "25057",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1375",
"datePublished": "2007-03-10T00:00:00",
"dateReserved": "2007-03-09T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1001 (GCVE-0-2007-1001)
Vulnerability from cvelistv5
Published
2007-04-06 00:00
Modified
2024-08-07 12:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:21.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2732",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "SSA:2007-127",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.470053"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "25151",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25151"
},
{
"name": "php-gd-overflow(33453)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33453"
},
{
"name": "oval:org.mitre.oval:def:10179",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10179"
},
{
"name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"name": "APPLE-SA-2007-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "RHSA-2007:0162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"name": "MDKSA-2007:090",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"name": "20070407 PHP \u003c= 5.2.1 wbmp file handling integer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464957/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?r1=1.2.4.1\u0026r2=1.2.4.1.8.1"
},
{
"name": "24909",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24909"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ifsec.blogspot.com/2007/04/php-521-wbmp-file-handling-integer.html"
},
{
"name": "MDKSA-2007:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"name": "24945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24945"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "24924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24924"
},
{
"name": "23357",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23357"
},
{
"name": "RHSA-2007:0155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "ADV-2007-1269",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1269"
},
{
"name": "24965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24965"
},
{
"name": "25159",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25159"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?revision=1.2.4.1.8.1\u0026view=markup"
},
{
"name": "MDKSA-2007:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25445"
},
{
"name": "24814",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24814"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "MDKSA-2007:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"name": "26235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26235"
},
{
"name": "RHSA-2007:0153",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "ADV-2007-2732",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "SSA:2007-127",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.470053"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "25151",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25151"
},
{
"name": "php-gd-overflow(33453)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33453"
},
{
"name": "oval:org.mitre.oval:def:10179",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10179"
},
{
"name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"name": "APPLE-SA-2007-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "RHSA-2007:0162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"name": "MDKSA-2007:090",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"name": "20070407 PHP \u003c= 5.2.1 wbmp file handling integer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464957/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?r1=1.2.4.1\u0026r2=1.2.4.1.8.1"
},
{
"name": "24909",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24909"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ifsec.blogspot.com/2007/04/php-521-wbmp-file-handling-integer.html"
},
{
"name": "MDKSA-2007:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"name": "24945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24945"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "24924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24924"
},
{
"name": "23357",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23357"
},
{
"name": "RHSA-2007:0155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "ADV-2007-1269",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1269"
},
{
"name": "24965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24965"
},
{
"name": "25159",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25159"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?revision=1.2.4.1.8.1\u0026view=markup"
},
{
"name": "MDKSA-2007:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25445"
},
{
"name": "24814",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24814"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "MDKSA-2007:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"name": "26235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26235"
},
{
"name": "RHSA-2007:0153",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-1001",
"datePublished": "2007-04-06T00:00:00",
"dateReserved": "2007-02-16T00:00:00",
"dateUpdated": "2024-08-07T12:43:21.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1900 (GCVE-0-2007-1900)
Vulnerability from cvelistv5
Published
2007-04-10 18:00
Modified
2024-08-07 13:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression to ignore the subsequent part of the address string.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:41.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26231"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "27110",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27110"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "33962",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/33962"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "ADV-2007-2016",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2016"
},
{
"name": "php-filtervalidateemail-header-injection(33510)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33510"
},
{
"name": "GLSA-200710-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"name": "oval:org.mitre.oval:def:6067",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6067"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/PMOPB-45-2007.html"
},
{
"name": "FEDORA-2007-2215",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html"
},
{
"name": "24824",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24824"
},
{
"name": "2007-0023",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2007/0023/"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "ADV-2007-3386",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3386"
},
{
"name": "27037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27037"
},
{
"name": "SSA:2007-152-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.482863"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.php.net/releases/5_2_3.php"
},
{
"name": "SSRT071447",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
},
{
"name": "HPSBUX02262",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
},
{
"name": "25535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25535"
},
{
"name": "27102",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27102"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25445"
},
{
"name": "23359",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23359"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a \u0027\\n\u0027 character, which causes a regular expression to ignore the subsequent part of the address string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26231"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "27110",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27110"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "33962",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/33962"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "ADV-2007-2016",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2016"
},
{
"name": "php-filtervalidateemail-header-injection(33510)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33510"
},
{
"name": "GLSA-200710-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"name": "oval:org.mitre.oval:def:6067",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6067"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/PMOPB-45-2007.html"
},
{
"name": "FEDORA-2007-2215",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html"
},
{
"name": "24824",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24824"
},
{
"name": "2007-0023",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2007/0023/"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "ADV-2007-3386",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3386"
},
{
"name": "27037",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27037"
},
{
"name": "SSA:2007-152-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.482863"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.php.net/releases/5_2_3.php"
},
{
"name": "SSRT071447",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
},
{
"name": "HPSBUX02262",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
},
{
"name": "25535",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25535"
},
{
"name": "27102",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27102"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25445"
},
{
"name": "23359",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23359"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1900",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a \u0027\\n\u0027 character, which causes a regular expression to ignore the subsequent part of the address string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26231",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26231"
},
{
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name": "27110",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27110"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "33962",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/33962"
},
{
"name": "GLSA-200705-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "ADV-2007-2016",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2016"
},
{
"name": "php-filtervalidateemail-header-injection(33510)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33510"
},
{
"name": "GLSA-200710-02",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"name": "oval:org.mitre.oval:def:6067",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6067"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "http://www.php-security.org/MOPB/PMOPB-45-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/PMOPB-45-2007.html"
},
{
"name": "FEDORA-2007-2215",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html"
},
{
"name": "24824",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24824"
},
{
"name": "2007-0023",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0023/"
},
{
"name": "USN-455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "ADV-2007-3386",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3386"
},
{
"name": "27037",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27037"
},
{
"name": "SSA:2007-152-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2007\u0026m=slackware-security.482863"
},
{
"name": "http://www.php.net/releases/5_2_3.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/releases/5_2_3.php"
},
{
"name": "SSRT071447",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
},
{
"name": "HPSBUX02262",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
},
{
"name": "25535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25535"
},
{
"name": "27102",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27102"
},
{
"name": "25445",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25445"
},
{
"name": "23359",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23359"
},
{
"name": "25057",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1900",
"datePublished": "2007-04-10T18:00:00",
"dateReserved": "2007-04-10T00:00:00",
"dateUpdated": "2024-08-07T13:13:41.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0455 (GCVE-0-2007-0455)
Vulnerability from cvelistv5
Published
2007-01-30 17:00
Modified
2024-08-07 12:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:19:29.974Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24022",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24022"
},
{
"name": "29157",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29157"
},
{
"name": "24107",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24107"
},
{
"name": "24143",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24143"
},
{
"name": "22289",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22289"
},
{
"name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"name": "ADV-2007-0400",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0400"
},
{
"name": "23916",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23916"
},
{
"name": "24151",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24151"
},
{
"name": "RHSA-2007:0162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
},
{
"name": "42813",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42813"
},
{
"name": "MDKSA-2007:038",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:038"
},
{
"name": "MDKSA-2007:035",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:035"
},
{
"name": "ADV-2011-0022",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0022"
},
{
"name": "oval:org.mitre.oval:def:11303",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11303"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224607"
},
{
"name": "[security-announce] 20070208 rPSA-2007-0028-1 gd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.rpath.com/pipermail/security-announce/2007-February/000145.html"
},
{
"name": "FEDORA-2010-19033",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html"
},
{
"name": "24945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24945"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"name": "MDKSA-2007:109",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:109"
},
{
"name": "RHSA-2008:0146",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0146.html"
},
{
"name": "2007-0007",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2007/0007"
},
{
"name": "24053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24053"
},
{
"name": "24924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24924"
},
{
"name": "24052",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24052"
},
{
"name": "FEDORA-2010-19022",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html"
},
{
"name": "RHSA-2007:0155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "24965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24965"
},
{
"name": "MDKSA-2007:036",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:036"
},
{
"name": "25575",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25575"
},
{
"name": "FEDORA-2007-150",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/cms/node/2631"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1030"
},
{
"name": "USN-473-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-473-1"
},
{
"name": "RHSA-2007:0153",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "24022",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24022"
},
{
"name": "29157",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29157"
},
{
"name": "24107",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24107"
},
{
"name": "24143",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24143"
},
{
"name": "22289",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22289"
},
{
"name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"name": "ADV-2007-0400",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0400"
},
{
"name": "23916",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23916"
},
{
"name": "24151",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24151"
},
{
"name": "RHSA-2007:0162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
},
{
"name": "42813",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42813"
},
{
"name": "MDKSA-2007:038",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:038"
},
{
"name": "MDKSA-2007:035",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:035"
},
{
"name": "ADV-2011-0022",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0022"
},
{
"name": "oval:org.mitre.oval:def:11303",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11303"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224607"
},
{
"name": "[security-announce] 20070208 rPSA-2007-0028-1 gd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.rpath.com/pipermail/security-announce/2007-February/000145.html"
},
{
"name": "FEDORA-2010-19033",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html"
},
{
"name": "24945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24945"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"name": "MDKSA-2007:109",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:109"
},
{
"name": "RHSA-2008:0146",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0146.html"
},
{
"name": "2007-0007",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2007/0007"
},
{
"name": "24053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24053"
},
{
"name": "24924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24924"
},
{
"name": "24052",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24052"
},
{
"name": "FEDORA-2010-19022",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html"
},
{
"name": "RHSA-2007:0155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "24965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24965"
},
{
"name": "MDKSA-2007:036",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:036"
},
{
"name": "25575",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25575"
},
{
"name": "FEDORA-2007-150",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/cms/node/2631"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1030"
},
{
"name": "USN-473-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-473-1"
},
{
"name": "RHSA-2007:0153",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-0455",
"datePublished": "2007-01-30T17:00:00",
"dateReserved": "2007-01-23T00:00:00",
"dateUpdated": "2024-08-07T12:19:29.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1454 (GCVE-0-2007-1454)
Vulnerability from cvelistv5
Published
2007-03-14 18:00
Modified
2024-08-07 12:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a '<' character followed by certain whitespace characters, which passes one filter but is collapsed into a valid tag, as demonstrated using %0b.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "22914",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22914"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "MDKSA-2007:090",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-18-2007.html"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a \u0027\u003c\u0027 character followed by certain whitespace characters, which passes one filter but is collapsed into a valid tag, as demonstrated using %0b."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-05-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "22914",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22914"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "MDKSA-2007:090",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-18-2007.html"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1454",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a \u0027\u003c\u0027 character followed by certain whitespace characters, which passes one filter but is collapsed into a valid tag, as demonstrated using %0b."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "22914",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22914"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "MDKSA-2007:090",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-18-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-18-2007.html"
},
{
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1454",
"datePublished": "2007-03-14T18:00:00",
"dateReserved": "2007-03-14T00:00:00",
"dateUpdated": "2024-08-07T12:59:08.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1583 (GCVE-0-2007-1583)
Vulnerability from cvelistv5
Published
2007-03-21 23:00
Modified
2024-08-07 12:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote attackers to invoke available PHP scripts with register_globals functionality that is not detectable by these scripts, as demonstrated by forcing a memory_limit violation.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2732",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"name": "APPLE-SA-2007-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "oval:org.mitre.oval:def:10245",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10245"
},
{
"name": "RHSA-2007:0162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
},
{
"name": "23016",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23016"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "MDKSA-2007:090",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "24909",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24909"
},
{
"name": "24945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24945"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "24924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24924"
},
{
"name": "RHSA-2007:0155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "24965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24965"
},
{
"name": "25159",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "MDKSA-2007:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25445"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-26-2007.html"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "MDKSA-2007:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"name": "26235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26235"
},
{
"name": "RHSA-2007:0153",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote attackers to invoke available PHP scripts with register_globals functionality that is not detectable by these scripts, as demonstrated by forcing a memory_limit violation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2732",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"name": "APPLE-SA-2007-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "oval:org.mitre.oval:def:10245",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10245"
},
{
"name": "RHSA-2007:0162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
},
{
"name": "23016",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23016"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "MDKSA-2007:090",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "24909",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24909"
},
{
"name": "24945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24945"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "24924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24924"
},
{
"name": "RHSA-2007:0155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "24965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24965"
},
{
"name": "25159",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "MDKSA-2007:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25445"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-26-2007.html"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "MDKSA-2007:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"name": "26235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26235"
},
{
"name": "RHSA-2007:0153",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1583",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote attackers to invoke available PHP scripts with register_globals functionality that is not detectable by these scripts, as demonstrated by forcing a memory_limit violation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2732",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"name": "APPLE-SA-2007-07-31",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "GLSA-200705-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "oval:org.mitre.oval:def:10245",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10245"
},
{
"name": "RHSA-2007:0162",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
},
{
"name": "23016",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23016"
},
{
"name": "http://us2.php.net/releases/4_4_7.php",
"refsource": "CONFIRM",
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "MDKSA-2007:090",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"name": "USN-455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "24909",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24909"
},
{
"name": "24945",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24945"
},
{
"name": "https://issues.rpath.com/browse/RPL-1268",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"name": "http://us2.php.net/releases/5_2_2.php",
"refsource": "CONFIRM",
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=306172",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "24924",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24924"
},
{
"name": "RHSA-2007:0155",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "24965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24965"
},
{
"name": "25159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "MDKSA-2007:089",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
},
{
"name": "25445",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25445"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-26-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-26-2007.html"
},
{
"name": "25057",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25057"
},
{
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "MDKSA-2007:088",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"name": "26235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26235"
},
{
"name": "RHSA-2007:0153",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1583",
"datePublished": "2007-03-21T23:00:00",
"dateReserved": "2007-03-21T00:00:00",
"dateUpdated": "2024-08-07T12:59:08.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1824 (GCVE-0-2007-1824)
Vulnerability from cvelistv5
Published
2007-04-02 23:00
Modified
2024-08-07 13:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the php_stream_filter_create function in PHP 5 before 5.2.1 allows remote attackers to cause a denial of service (application crash) via a php://filter/ URL that has a name ending in the '.' character.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:40.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "23237",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23237"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "php-phpstreamfiltercreate-bo(33729)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33729"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-42-2007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the php_stream_filter_create function in PHP 5 before 5.2.1 allows remote attackers to cause a denial of service (application crash) via a php://filter/ URL that has a name ending in the \u0027.\u0027 character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "23237",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23237"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "USN-455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "25057",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25057"
},
{
"name": "php-phpstreamfiltercreate-bo(33729)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33729"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-42-2007.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the php_stream_filter_create function in PHP 5 before 5.2.1 allows remote attackers to cause a denial of service (application crash) via a php://filter/ URL that has a name ending in the \u0027.\u0027 character."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name": "23237",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23237"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "USN-455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "25057",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25057"
},
{
"name": "php-phpstreamfiltercreate-bo(33729)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33729"
},
{
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-42-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-42-2007.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1824",
"datePublished": "2007-04-02T23:00:00",
"dateReserved": "2007-04-02T00:00:00",
"dateUpdated": "2024-08-07T13:13:40.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1453 (GCVE-0-2007-1453)
Vulnerability from cvelistv5
Published
2007-03-14 18:00
Modified
2024-08-07 12:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null byte in whitespace that precedes the buffer.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php.net/releases/5_2_1.php"
},
{
"name": "22922",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22922"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-19-2007.html"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null byte in whitespace that precedes the buffer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-05-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25056",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php.net/releases/5_2_1.php"
},
{
"name": "22922",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22922"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-19-2007.html"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "SUSE-SA:2007:032",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null byte in whitespace that precedes the buffer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "http://www.php.net/releases/5_2_1.php",
"refsource": "MISC",
"url": "http://www.php.net/releases/5_2_1.php"
},
{
"name": "22922",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22922"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-19-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-19-2007.html"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1453",
"datePublished": "2007-03-14T18:00:00",
"dateReserved": "2007-03-14T00:00:00",
"dateUpdated": "2024-08-07T12:59:08.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1711 (GCVE-0-2007-1711)
Vulnerability from cvelistv5
Published
2007-03-27 01:00
Modified
2024-08-07 13:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701 (MOPB-31-2007).
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:25.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2732",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "23121",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23121"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "RHSA-2007:0154",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
},
{
"name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"name": "APPLE-SA-2007-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "24941",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24941"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "oval:org.mitre.oval:def:10406",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10406"
},
{
"name": "MDKSA-2007:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"name": "24945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24945"
},
{
"name": "DSA-1282",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "php-deserializer-code-execution(33575)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33575"
},
{
"name": "24924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24924"
},
{
"name": "RHSA-2007:0155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "24910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24910"
},
{
"name": "25159",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25445"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.php-security.org/MOPB/MOPB-32-2007.html"
},
{
"name": "RHSA-2007:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
},
{
"name": "25025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25025"
},
{
"name": "MDKSA-2007:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"name": "26235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26235"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701 (MOPB-31-2007)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2732",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "23121",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23121"
},
{
"name": "DSA-1283",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "RHSA-2007:0154",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
},
{
"name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"name": "APPLE-SA-2007-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "GLSA-200705-19",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "24941",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24941"
},
{
"name": "25062",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25062"
},
{
"name": "oval:org.mitre.oval:def:10406",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10406"
},
{
"name": "MDKSA-2007:087",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"name": "24945",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24945"
},
{
"name": "DSA-1282",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "php-deserializer-code-execution(33575)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33575"
},
{
"name": "24924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24924"
},
{
"name": "RHSA-2007:0155",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "24910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24910"
},
{
"name": "25159",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "25445",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25445"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.php-security.org/MOPB/MOPB-32-2007.html"
},
{
"name": "RHSA-2007:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
},
{
"name": "25025",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25025"
},
{
"name": "MDKSA-2007:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"name": "26235",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26235"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1711",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701 (MOPB-31-2007)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2732",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"name": "23121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23121"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "RHSA-2007:0154",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
},
{
"name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"name": "APPLE-SA-2007-07-31",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"name": "GLSA-200705-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"name": "24941",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24941"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "oval:org.mitre.oval:def:10406",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10406"
},
{
"name": "MDKSA-2007:087",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"name": "24945",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24945"
},
{
"name": "DSA-1282",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"name": "https://issues.rpath.com/browse/RPL-1268",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=306172",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "php-deserializer-code-execution(33575)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33575"
},
{
"name": "24924",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24924"
},
{
"name": "RHSA-2007:0155",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"name": "24910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24910"
},
{
"name": "25159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "25445",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25445"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-32-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-32-2007.html"
},
{
"name": "RHSA-2007:0163",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
},
{
"name": "25025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25025"
},
{
"name": "MDKSA-2007:088",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"name": "26235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26235"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1711",
"datePublished": "2007-03-27T01:00:00",
"dateReserved": "2007-03-26T00:00:00",
"dateUpdated": "2024-08-07T13:06:25.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…