rhsa-2007_0154
Vulnerability from csaf_redhat
Published
2007-04-16 15:38
Modified
2024-11-14 10:04
Summary
Red Hat Security Advisory: php security update
Notes
Topic
Updated PHP packages that fix several security issues are now available for
Red Hat Enterprise Linux 2.1.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.
A denial of service flaw was found in the way PHP processed a deeply nested
array. A remote attacker could cause the PHP interpreter to crash by
submitting an input variable with a deeply nested array. (CVE-2007-1285)
A flaw was found in the way PHP's unserialize() function processes data. If
a remote attacker is able to pass arbitrary data to PHP's unserialize()
function, it may be possible for them to execute arbitrary code as the
apache user. (CVE-2007-1286)
A double free flaw was found in PHP's session_decode() function. If a
remote attacker is able to pass arbitrary data to PHP's session_decode()
function, it may be possible for them to execute arbitrary code as the
apache user. (CVE-2007-1711)
Users of PHP should upgrade to these updated packages which contain
backported patches to correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated PHP packages that fix several security issues are now available for\nRed Hat Enterprise Linux 2.1.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Web server. \n\nA denial of service flaw was found in the way PHP processed a deeply nested\narray. A remote attacker could cause the PHP interpreter to crash by\nsubmitting an input variable with a deeply nested array. (CVE-2007-1285)\n\nA flaw was found in the way PHP\u0027s unserialize() function processes data. If\na remote attacker is able to pass arbitrary data to PHP\u0027s unserialize()\nfunction, it may be possible for them to execute arbitrary code as the\napache user. (CVE-2007-1286)\n\nA double free flaw was found in PHP\u0027s session_decode() function. If a\nremote attacker is able to pass arbitrary data to PHP\u0027s session_decode()\nfunction, it may be possible for them to execute arbitrary code as the\napache user. (CVE-2007-1711)\n\nUsers of PHP should upgrade to these updated packages which contain\nbackported patches to correct these issues.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2007:0154", "url": "https://access.redhat.com/errata/RHSA-2007:0154" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "235225", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=235225" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2007/rhsa-2007_0154.json" } ], "title": "Red Hat Security Advisory: php security update", "tracking": { "current_release_date": "2024-11-14T10:04:53+00:00", "generator": { "date": "2024-11-14T10:04:53+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2007:0154", "initial_release_date": "2007-04-16T15:38:00+00:00", "revision_history": [ { "date": "2007-04-16T15:38:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2007-04-16T11:38:44+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T10:04:53+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product": { "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:2.1::as" } } }, { "category": "product_name", "name": "Red Hat Linux Advanced Workstation 2.1", "product": { "name": "Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:2.1::aw" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 2.1", "product": { "name": "Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:2.1::es" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 2.1", "product": { "name": "Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:2.1::ws" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "php-odbc-0:4.1.2-2.17.ia64", "product": { "name": "php-odbc-0:4.1.2-2.17.ia64", "product_id": "php-odbc-0:4.1.2-2.17.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-odbc@4.1.2-2.17?arch=ia64" } } }, { "category": "product_version", "name": "php-mysql-0:4.1.2-2.17.ia64", "product": { "name": "php-mysql-0:4.1.2-2.17.ia64", "product_id": "php-mysql-0:4.1.2-2.17.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-mysql@4.1.2-2.17?arch=ia64" } } }, { "category": "product_version", "name": "php-pgsql-0:4.1.2-2.17.ia64", "product": { "name": "php-pgsql-0:4.1.2-2.17.ia64", "product_id": "php-pgsql-0:4.1.2-2.17.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-pgsql@4.1.2-2.17?arch=ia64" } } }, { "category": "product_version", "name": "php-imap-0:4.1.2-2.17.ia64", "product": { "name": "php-imap-0:4.1.2-2.17.ia64", "product_id": "php-imap-0:4.1.2-2.17.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-imap@4.1.2-2.17?arch=ia64" } } }, { "category": "product_version", "name": "php-devel-0:4.1.2-2.17.ia64", "product": { "name": "php-devel-0:4.1.2-2.17.ia64", "product_id": "php-devel-0:4.1.2-2.17.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-devel@4.1.2-2.17?arch=ia64" } } }, { "category": "product_version", "name": "php-ldap-0:4.1.2-2.17.ia64", "product": { "name": "php-ldap-0:4.1.2-2.17.ia64", "product_id": "php-ldap-0:4.1.2-2.17.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-ldap@4.1.2-2.17?arch=ia64" } } }, { "category": "product_version", "name": "php-manual-0:4.1.2-2.17.ia64", "product": { "name": "php-manual-0:4.1.2-2.17.ia64", "product_id": "php-manual-0:4.1.2-2.17.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-manual@4.1.2-2.17?arch=ia64" } } }, { "category": "product_version", "name": "php-0:4.1.2-2.17.ia64", "product": { "name": "php-0:4.1.2-2.17.ia64", "product_id": "php-0:4.1.2-2.17.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php@4.1.2-2.17?arch=ia64" } } } ], "category": "architecture", "name": "ia64" }, { "branches": [ { "category": "product_version", "name": "php-0:4.1.2-2.17.src", "product": { "name": "php-0:4.1.2-2.17.src", "product_id": "php-0:4.1.2-2.17.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/php@4.1.2-2.17?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "php-odbc-0:4.1.2-2.17.i386", "product": { "name": "php-odbc-0:4.1.2-2.17.i386", "product_id": "php-odbc-0:4.1.2-2.17.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-odbc@4.1.2-2.17?arch=i386" } } }, { "category": "product_version", "name": "php-mysql-0:4.1.2-2.17.i386", "product": { "name": "php-mysql-0:4.1.2-2.17.i386", "product_id": "php-mysql-0:4.1.2-2.17.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-mysql@4.1.2-2.17?arch=i386" } } }, { "category": "product_version", "name": "php-pgsql-0:4.1.2-2.17.i386", "product": { "name": "php-pgsql-0:4.1.2-2.17.i386", "product_id": "php-pgsql-0:4.1.2-2.17.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-pgsql@4.1.2-2.17?arch=i386" } } }, { "category": "product_version", "name": "php-imap-0:4.1.2-2.17.i386", "product": { "name": "php-imap-0:4.1.2-2.17.i386", "product_id": "php-imap-0:4.1.2-2.17.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-imap@4.1.2-2.17?arch=i386" } } }, { "category": "product_version", "name": "php-devel-0:4.1.2-2.17.i386", "product": { "name": "php-devel-0:4.1.2-2.17.i386", "product_id": "php-devel-0:4.1.2-2.17.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-devel@4.1.2-2.17?arch=i386" } } }, { "category": "product_version", "name": "php-ldap-0:4.1.2-2.17.i386", "product": { "name": "php-ldap-0:4.1.2-2.17.i386", "product_id": "php-ldap-0:4.1.2-2.17.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-ldap@4.1.2-2.17?arch=i386" } } }, { "category": "product_version", "name": "php-manual-0:4.1.2-2.17.i386", "product": { "name": "php-manual-0:4.1.2-2.17.i386", "product_id": "php-manual-0:4.1.2-2.17.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-manual@4.1.2-2.17?arch=i386" } } }, { "category": "product_version", "name": "php-0:4.1.2-2.17.i386", "product": { "name": "php-0:4.1.2-2.17.i386", "product_id": "php-0:4.1.2-2.17.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php@4.1.2-2.17?arch=i386" } } } ], "category": "architecture", "name": "i386" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-0:4.1.2-2.17.i386" }, "product_reference": "php-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-0:4.1.2-2.17.ia64" }, "product_reference": "php-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.17.src as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-0:4.1.2-2.17.src" }, "product_reference": "php-0:4.1.2-2.17.src", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-devel-0:4.1.2-2.17.i386" }, "product_reference": "php-devel-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-devel-0:4.1.2-2.17.ia64" }, "product_reference": "php-devel-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-imap-0:4.1.2-2.17.i386" }, "product_reference": "php-imap-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-imap-0:4.1.2-2.17.ia64" }, "product_reference": "php-imap-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-ldap-0:4.1.2-2.17.i386" }, "product_reference": "php-ldap-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-ldap-0:4.1.2-2.17.ia64" }, "product_reference": "php-ldap-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-manual-0:4.1.2-2.17.i386" }, "product_reference": "php-manual-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-manual-0:4.1.2-2.17.ia64" }, "product_reference": "php-manual-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-mysql-0:4.1.2-2.17.i386" }, "product_reference": "php-mysql-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-mysql-0:4.1.2-2.17.ia64" }, "product_reference": "php-mysql-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-odbc-0:4.1.2-2.17.i386" }, "product_reference": "php-odbc-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-odbc-0:4.1.2-2.17.ia64" }, "product_reference": "php-odbc-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-pgsql-0:4.1.2-2.17.i386" }, "product_reference": "php-pgsql-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-pgsql-0:4.1.2-2.17.ia64" }, "product_reference": "php-pgsql-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.17.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-0:4.1.2-2.17.i386" }, "product_reference": "php-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.17.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-0:4.1.2-2.17.ia64" }, "product_reference": "php-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.17.src as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-0:4.1.2-2.17.src" }, "product_reference": "php-0:4.1.2-2.17.src", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.17.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-devel-0:4.1.2-2.17.i386" }, "product_reference": "php-devel-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.17.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-devel-0:4.1.2-2.17.ia64" }, "product_reference": "php-devel-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.17.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-imap-0:4.1.2-2.17.i386" }, "product_reference": "php-imap-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.17.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-imap-0:4.1.2-2.17.ia64" }, "product_reference": "php-imap-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.17.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-ldap-0:4.1.2-2.17.i386" }, "product_reference": "php-ldap-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.17.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-ldap-0:4.1.2-2.17.ia64" }, "product_reference": "php-ldap-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.17.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-manual-0:4.1.2-2.17.i386" }, "product_reference": "php-manual-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.17.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-manual-0:4.1.2-2.17.ia64" }, "product_reference": "php-manual-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.17.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-mysql-0:4.1.2-2.17.i386" }, "product_reference": "php-mysql-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.17.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-mysql-0:4.1.2-2.17.ia64" }, "product_reference": "php-mysql-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.17.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-odbc-0:4.1.2-2.17.i386" }, "product_reference": "php-odbc-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.17.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-odbc-0:4.1.2-2.17.ia64" }, "product_reference": "php-odbc-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.17.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-pgsql-0:4.1.2-2.17.i386" }, "product_reference": "php-pgsql-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.17.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-pgsql-0:4.1.2-2.17.ia64" }, "product_reference": "php-pgsql-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-0:4.1.2-2.17.i386" }, "product_reference": "php-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-0:4.1.2-2.17.ia64" }, "product_reference": "php-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.17.src as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-0:4.1.2-2.17.src" }, "product_reference": "php-0:4.1.2-2.17.src", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-devel-0:4.1.2-2.17.i386" }, "product_reference": "php-devel-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-devel-0:4.1.2-2.17.ia64" }, "product_reference": "php-devel-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-imap-0:4.1.2-2.17.i386" }, "product_reference": "php-imap-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-imap-0:4.1.2-2.17.ia64" }, "product_reference": "php-imap-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-ldap-0:4.1.2-2.17.i386" }, "product_reference": "php-ldap-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-ldap-0:4.1.2-2.17.ia64" }, "product_reference": "php-ldap-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-manual-0:4.1.2-2.17.i386" }, "product_reference": "php-manual-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-manual-0:4.1.2-2.17.ia64" }, "product_reference": "php-manual-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-mysql-0:4.1.2-2.17.i386" }, "product_reference": "php-mysql-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-mysql-0:4.1.2-2.17.ia64" }, "product_reference": "php-mysql-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-odbc-0:4.1.2-2.17.i386" }, "product_reference": "php-odbc-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-odbc-0:4.1.2-2.17.ia64" }, "product_reference": "php-odbc-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-pgsql-0:4.1.2-2.17.i386" }, "product_reference": "php-pgsql-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-pgsql-0:4.1.2-2.17.ia64" }, "product_reference": "php-pgsql-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-0:4.1.2-2.17.i386" }, "product_reference": "php-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-0:4.1.2-2.17.ia64" }, "product_reference": "php-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.17.src as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-0:4.1.2-2.17.src" }, "product_reference": "php-0:4.1.2-2.17.src", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-devel-0:4.1.2-2.17.i386" }, "product_reference": "php-devel-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-devel-0:4.1.2-2.17.ia64" }, "product_reference": "php-devel-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-imap-0:4.1.2-2.17.i386" }, "product_reference": "php-imap-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-imap-0:4.1.2-2.17.ia64" }, "product_reference": "php-imap-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-ldap-0:4.1.2-2.17.i386" }, "product_reference": "php-ldap-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-ldap-0:4.1.2-2.17.ia64" }, "product_reference": "php-ldap-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-manual-0:4.1.2-2.17.i386" }, "product_reference": "php-manual-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-manual-0:4.1.2-2.17.ia64" }, "product_reference": "php-manual-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-mysql-0:4.1.2-2.17.i386" }, "product_reference": "php-mysql-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-mysql-0:4.1.2-2.17.ia64" }, "product_reference": "php-mysql-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-odbc-0:4.1.2-2.17.i386" }, "product_reference": "php-odbc-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-odbc-0:4.1.2-2.17.ia64" }, "product_reference": "php-odbc-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.17.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-pgsql-0:4.1.2-2.17.i386" }, "product_reference": "php-pgsql-0:4.1.2-2.17.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.17.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-pgsql-0:4.1.2-2.17.ia64" }, "product_reference": "php-pgsql-0:4.1.2-2.17.ia64", "relates_to_product_reference": "2.1WS" } ] }, "vulnerabilities": [ { "cve": "CVE-2007-1285", "discovery_date": "2007-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618296" } ], "notes": [ { "category": "description", "text": "The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "2.1AS:php-0:4.1.2-2.17.i386", "2.1AS:php-0:4.1.2-2.17.ia64", "2.1AS:php-0:4.1.2-2.17.src", "2.1AS:php-devel-0:4.1.2-2.17.i386", "2.1AS:php-devel-0:4.1.2-2.17.ia64", "2.1AS:php-imap-0:4.1.2-2.17.i386", "2.1AS:php-imap-0:4.1.2-2.17.ia64", "2.1AS:php-ldap-0:4.1.2-2.17.i386", "2.1AS:php-ldap-0:4.1.2-2.17.ia64", "2.1AS:php-manual-0:4.1.2-2.17.i386", "2.1AS:php-manual-0:4.1.2-2.17.ia64", "2.1AS:php-mysql-0:4.1.2-2.17.i386", "2.1AS:php-mysql-0:4.1.2-2.17.ia64", "2.1AS:php-odbc-0:4.1.2-2.17.i386", "2.1AS:php-odbc-0:4.1.2-2.17.ia64", "2.1AS:php-pgsql-0:4.1.2-2.17.i386", "2.1AS:php-pgsql-0:4.1.2-2.17.ia64", "2.1AW:php-0:4.1.2-2.17.i386", "2.1AW:php-0:4.1.2-2.17.ia64", "2.1AW:php-0:4.1.2-2.17.src", "2.1AW:php-devel-0:4.1.2-2.17.i386", "2.1AW:php-devel-0:4.1.2-2.17.ia64", "2.1AW:php-imap-0:4.1.2-2.17.i386", "2.1AW:php-imap-0:4.1.2-2.17.ia64", "2.1AW:php-ldap-0:4.1.2-2.17.i386", "2.1AW:php-ldap-0:4.1.2-2.17.ia64", "2.1AW:php-manual-0:4.1.2-2.17.i386", "2.1AW:php-manual-0:4.1.2-2.17.ia64", "2.1AW:php-mysql-0:4.1.2-2.17.i386", "2.1AW:php-mysql-0:4.1.2-2.17.ia64", "2.1AW:php-odbc-0:4.1.2-2.17.i386", "2.1AW:php-odbc-0:4.1.2-2.17.ia64", "2.1AW:php-pgsql-0:4.1.2-2.17.i386", "2.1AW:php-pgsql-0:4.1.2-2.17.ia64", "2.1ES:php-0:4.1.2-2.17.i386", "2.1ES:php-0:4.1.2-2.17.ia64", "2.1ES:php-0:4.1.2-2.17.src", "2.1ES:php-devel-0:4.1.2-2.17.i386", "2.1ES:php-devel-0:4.1.2-2.17.ia64", "2.1ES:php-imap-0:4.1.2-2.17.i386", "2.1ES:php-imap-0:4.1.2-2.17.ia64", "2.1ES:php-ldap-0:4.1.2-2.17.i386", "2.1ES:php-ldap-0:4.1.2-2.17.ia64", "2.1ES:php-manual-0:4.1.2-2.17.i386", "2.1ES:php-manual-0:4.1.2-2.17.ia64", "2.1ES:php-mysql-0:4.1.2-2.17.i386", "2.1ES:php-mysql-0:4.1.2-2.17.ia64", "2.1ES:php-odbc-0:4.1.2-2.17.i386", "2.1ES:php-odbc-0:4.1.2-2.17.ia64", "2.1ES:php-pgsql-0:4.1.2-2.17.i386", "2.1ES:php-pgsql-0:4.1.2-2.17.ia64", "2.1WS:php-0:4.1.2-2.17.i386", "2.1WS:php-0:4.1.2-2.17.ia64", "2.1WS:php-0:4.1.2-2.17.src", "2.1WS:php-devel-0:4.1.2-2.17.i386", "2.1WS:php-devel-0:4.1.2-2.17.ia64", "2.1WS:php-imap-0:4.1.2-2.17.i386", "2.1WS:php-imap-0:4.1.2-2.17.ia64", "2.1WS:php-ldap-0:4.1.2-2.17.i386", "2.1WS:php-ldap-0:4.1.2-2.17.ia64", "2.1WS:php-manual-0:4.1.2-2.17.i386", "2.1WS:php-manual-0:4.1.2-2.17.ia64", "2.1WS:php-mysql-0:4.1.2-2.17.i386", "2.1WS:php-mysql-0:4.1.2-2.17.ia64", "2.1WS:php-odbc-0:4.1.2-2.17.i386", "2.1WS:php-odbc-0:4.1.2-2.17.ia64", "2.1WS:php-pgsql-0:4.1.2-2.17.i386", "2.1WS:php-pgsql-0:4.1.2-2.17.ia64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-1285" }, { "category": "external", "summary": "RHBZ#1618296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618296" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-1285", "url": "https://www.cve.org/CVERecord?id=CVE-2007-1285" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-1285", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1285" } ], "release_date": "2007-03-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-04-16T15:38:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "2.1AS:php-0:4.1.2-2.17.i386", "2.1AS:php-0:4.1.2-2.17.ia64", "2.1AS:php-0:4.1.2-2.17.src", "2.1AS:php-devel-0:4.1.2-2.17.i386", "2.1AS:php-devel-0:4.1.2-2.17.ia64", "2.1AS:php-imap-0:4.1.2-2.17.i386", "2.1AS:php-imap-0:4.1.2-2.17.ia64", "2.1AS:php-ldap-0:4.1.2-2.17.i386", "2.1AS:php-ldap-0:4.1.2-2.17.ia64", "2.1AS:php-manual-0:4.1.2-2.17.i386", "2.1AS:php-manual-0:4.1.2-2.17.ia64", "2.1AS:php-mysql-0:4.1.2-2.17.i386", "2.1AS:php-mysql-0:4.1.2-2.17.ia64", "2.1AS:php-odbc-0:4.1.2-2.17.i386", "2.1AS:php-odbc-0:4.1.2-2.17.ia64", "2.1AS:php-pgsql-0:4.1.2-2.17.i386", "2.1AS:php-pgsql-0:4.1.2-2.17.ia64", "2.1AW:php-0:4.1.2-2.17.i386", "2.1AW:php-0:4.1.2-2.17.ia64", "2.1AW:php-0:4.1.2-2.17.src", "2.1AW:php-devel-0:4.1.2-2.17.i386", "2.1AW:php-devel-0:4.1.2-2.17.ia64", "2.1AW:php-imap-0:4.1.2-2.17.i386", "2.1AW:php-imap-0:4.1.2-2.17.ia64", "2.1AW:php-ldap-0:4.1.2-2.17.i386", "2.1AW:php-ldap-0:4.1.2-2.17.ia64", "2.1AW:php-manual-0:4.1.2-2.17.i386", "2.1AW:php-manual-0:4.1.2-2.17.ia64", "2.1AW:php-mysql-0:4.1.2-2.17.i386", "2.1AW:php-mysql-0:4.1.2-2.17.ia64", "2.1AW:php-odbc-0:4.1.2-2.17.i386", "2.1AW:php-odbc-0:4.1.2-2.17.ia64", "2.1AW:php-pgsql-0:4.1.2-2.17.i386", "2.1AW:php-pgsql-0:4.1.2-2.17.ia64", "2.1ES:php-0:4.1.2-2.17.i386", "2.1ES:php-0:4.1.2-2.17.ia64", "2.1ES:php-0:4.1.2-2.17.src", "2.1ES:php-devel-0:4.1.2-2.17.i386", "2.1ES:php-devel-0:4.1.2-2.17.ia64", "2.1ES:php-imap-0:4.1.2-2.17.i386", "2.1ES:php-imap-0:4.1.2-2.17.ia64", "2.1ES:php-ldap-0:4.1.2-2.17.i386", "2.1ES:php-ldap-0:4.1.2-2.17.ia64", "2.1ES:php-manual-0:4.1.2-2.17.i386", "2.1ES:php-manual-0:4.1.2-2.17.ia64", "2.1ES:php-mysql-0:4.1.2-2.17.i386", "2.1ES:php-mysql-0:4.1.2-2.17.ia64", "2.1ES:php-odbc-0:4.1.2-2.17.i386", "2.1ES:php-odbc-0:4.1.2-2.17.ia64", "2.1ES:php-pgsql-0:4.1.2-2.17.i386", "2.1ES:php-pgsql-0:4.1.2-2.17.ia64", "2.1WS:php-0:4.1.2-2.17.i386", "2.1WS:php-0:4.1.2-2.17.ia64", "2.1WS:php-0:4.1.2-2.17.src", "2.1WS:php-devel-0:4.1.2-2.17.i386", "2.1WS:php-devel-0:4.1.2-2.17.ia64", "2.1WS:php-imap-0:4.1.2-2.17.i386", "2.1WS:php-imap-0:4.1.2-2.17.ia64", "2.1WS:php-ldap-0:4.1.2-2.17.i386", "2.1WS:php-ldap-0:4.1.2-2.17.ia64", "2.1WS:php-manual-0:4.1.2-2.17.i386", "2.1WS:php-manual-0:4.1.2-2.17.ia64", "2.1WS:php-mysql-0:4.1.2-2.17.i386", "2.1WS:php-mysql-0:4.1.2-2.17.ia64", "2.1WS:php-odbc-0:4.1.2-2.17.i386", "2.1WS:php-odbc-0:4.1.2-2.17.ia64", "2.1WS:php-pgsql-0:4.1.2-2.17.i386", "2.1WS:php-pgsql-0:4.1.2-2.17.ia64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0154" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2007-1286", "discovery_date": "2007-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618297" } ], "notes": [ { "category": "description", "text": "Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "2.1AS:php-0:4.1.2-2.17.i386", "2.1AS:php-0:4.1.2-2.17.ia64", "2.1AS:php-0:4.1.2-2.17.src", "2.1AS:php-devel-0:4.1.2-2.17.i386", "2.1AS:php-devel-0:4.1.2-2.17.ia64", "2.1AS:php-imap-0:4.1.2-2.17.i386", "2.1AS:php-imap-0:4.1.2-2.17.ia64", "2.1AS:php-ldap-0:4.1.2-2.17.i386", "2.1AS:php-ldap-0:4.1.2-2.17.ia64", "2.1AS:php-manual-0:4.1.2-2.17.i386", "2.1AS:php-manual-0:4.1.2-2.17.ia64", "2.1AS:php-mysql-0:4.1.2-2.17.i386", "2.1AS:php-mysql-0:4.1.2-2.17.ia64", "2.1AS:php-odbc-0:4.1.2-2.17.i386", "2.1AS:php-odbc-0:4.1.2-2.17.ia64", "2.1AS:php-pgsql-0:4.1.2-2.17.i386", "2.1AS:php-pgsql-0:4.1.2-2.17.ia64", "2.1AW:php-0:4.1.2-2.17.i386", "2.1AW:php-0:4.1.2-2.17.ia64", "2.1AW:php-0:4.1.2-2.17.src", "2.1AW:php-devel-0:4.1.2-2.17.i386", "2.1AW:php-devel-0:4.1.2-2.17.ia64", "2.1AW:php-imap-0:4.1.2-2.17.i386", "2.1AW:php-imap-0:4.1.2-2.17.ia64", "2.1AW:php-ldap-0:4.1.2-2.17.i386", "2.1AW:php-ldap-0:4.1.2-2.17.ia64", "2.1AW:php-manual-0:4.1.2-2.17.i386", "2.1AW:php-manual-0:4.1.2-2.17.ia64", "2.1AW:php-mysql-0:4.1.2-2.17.i386", "2.1AW:php-mysql-0:4.1.2-2.17.ia64", "2.1AW:php-odbc-0:4.1.2-2.17.i386", "2.1AW:php-odbc-0:4.1.2-2.17.ia64", "2.1AW:php-pgsql-0:4.1.2-2.17.i386", "2.1AW:php-pgsql-0:4.1.2-2.17.ia64", "2.1ES:php-0:4.1.2-2.17.i386", "2.1ES:php-0:4.1.2-2.17.ia64", "2.1ES:php-0:4.1.2-2.17.src", "2.1ES:php-devel-0:4.1.2-2.17.i386", "2.1ES:php-devel-0:4.1.2-2.17.ia64", "2.1ES:php-imap-0:4.1.2-2.17.i386", "2.1ES:php-imap-0:4.1.2-2.17.ia64", "2.1ES:php-ldap-0:4.1.2-2.17.i386", "2.1ES:php-ldap-0:4.1.2-2.17.ia64", "2.1ES:php-manual-0:4.1.2-2.17.i386", "2.1ES:php-manual-0:4.1.2-2.17.ia64", "2.1ES:php-mysql-0:4.1.2-2.17.i386", "2.1ES:php-mysql-0:4.1.2-2.17.ia64", "2.1ES:php-odbc-0:4.1.2-2.17.i386", "2.1ES:php-odbc-0:4.1.2-2.17.ia64", "2.1ES:php-pgsql-0:4.1.2-2.17.i386", "2.1ES:php-pgsql-0:4.1.2-2.17.ia64", "2.1WS:php-0:4.1.2-2.17.i386", "2.1WS:php-0:4.1.2-2.17.ia64", "2.1WS:php-0:4.1.2-2.17.src", "2.1WS:php-devel-0:4.1.2-2.17.i386", "2.1WS:php-devel-0:4.1.2-2.17.ia64", "2.1WS:php-imap-0:4.1.2-2.17.i386", "2.1WS:php-imap-0:4.1.2-2.17.ia64", "2.1WS:php-ldap-0:4.1.2-2.17.i386", "2.1WS:php-ldap-0:4.1.2-2.17.ia64", "2.1WS:php-manual-0:4.1.2-2.17.i386", "2.1WS:php-manual-0:4.1.2-2.17.ia64", "2.1WS:php-mysql-0:4.1.2-2.17.i386", "2.1WS:php-mysql-0:4.1.2-2.17.ia64", "2.1WS:php-odbc-0:4.1.2-2.17.i386", "2.1WS:php-odbc-0:4.1.2-2.17.ia64", "2.1WS:php-pgsql-0:4.1.2-2.17.i386", "2.1WS:php-pgsql-0:4.1.2-2.17.ia64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-1286" }, { "category": "external", "summary": "RHBZ#1618297", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618297" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-1286", "url": "https://www.cve.org/CVERecord?id=CVE-2007-1286" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-1286", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1286" } ], "release_date": "2007-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-04-16T15:38:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "2.1AS:php-0:4.1.2-2.17.i386", "2.1AS:php-0:4.1.2-2.17.ia64", "2.1AS:php-0:4.1.2-2.17.src", "2.1AS:php-devel-0:4.1.2-2.17.i386", "2.1AS:php-devel-0:4.1.2-2.17.ia64", "2.1AS:php-imap-0:4.1.2-2.17.i386", "2.1AS:php-imap-0:4.1.2-2.17.ia64", "2.1AS:php-ldap-0:4.1.2-2.17.i386", "2.1AS:php-ldap-0:4.1.2-2.17.ia64", "2.1AS:php-manual-0:4.1.2-2.17.i386", "2.1AS:php-manual-0:4.1.2-2.17.ia64", "2.1AS:php-mysql-0:4.1.2-2.17.i386", "2.1AS:php-mysql-0:4.1.2-2.17.ia64", "2.1AS:php-odbc-0:4.1.2-2.17.i386", "2.1AS:php-odbc-0:4.1.2-2.17.ia64", "2.1AS:php-pgsql-0:4.1.2-2.17.i386", "2.1AS:php-pgsql-0:4.1.2-2.17.ia64", "2.1AW:php-0:4.1.2-2.17.i386", "2.1AW:php-0:4.1.2-2.17.ia64", "2.1AW:php-0:4.1.2-2.17.src", "2.1AW:php-devel-0:4.1.2-2.17.i386", "2.1AW:php-devel-0:4.1.2-2.17.ia64", "2.1AW:php-imap-0:4.1.2-2.17.i386", "2.1AW:php-imap-0:4.1.2-2.17.ia64", "2.1AW:php-ldap-0:4.1.2-2.17.i386", "2.1AW:php-ldap-0:4.1.2-2.17.ia64", "2.1AW:php-manual-0:4.1.2-2.17.i386", "2.1AW:php-manual-0:4.1.2-2.17.ia64", "2.1AW:php-mysql-0:4.1.2-2.17.i386", "2.1AW:php-mysql-0:4.1.2-2.17.ia64", "2.1AW:php-odbc-0:4.1.2-2.17.i386", "2.1AW:php-odbc-0:4.1.2-2.17.ia64", "2.1AW:php-pgsql-0:4.1.2-2.17.i386", "2.1AW:php-pgsql-0:4.1.2-2.17.ia64", "2.1ES:php-0:4.1.2-2.17.i386", "2.1ES:php-0:4.1.2-2.17.ia64", "2.1ES:php-0:4.1.2-2.17.src", "2.1ES:php-devel-0:4.1.2-2.17.i386", "2.1ES:php-devel-0:4.1.2-2.17.ia64", "2.1ES:php-imap-0:4.1.2-2.17.i386", "2.1ES:php-imap-0:4.1.2-2.17.ia64", "2.1ES:php-ldap-0:4.1.2-2.17.i386", "2.1ES:php-ldap-0:4.1.2-2.17.ia64", "2.1ES:php-manual-0:4.1.2-2.17.i386", "2.1ES:php-manual-0:4.1.2-2.17.ia64", "2.1ES:php-mysql-0:4.1.2-2.17.i386", "2.1ES:php-mysql-0:4.1.2-2.17.ia64", "2.1ES:php-odbc-0:4.1.2-2.17.i386", "2.1ES:php-odbc-0:4.1.2-2.17.ia64", "2.1ES:php-pgsql-0:4.1.2-2.17.i386", "2.1ES:php-pgsql-0:4.1.2-2.17.ia64", "2.1WS:php-0:4.1.2-2.17.i386", "2.1WS:php-0:4.1.2-2.17.ia64", "2.1WS:php-0:4.1.2-2.17.src", "2.1WS:php-devel-0:4.1.2-2.17.i386", "2.1WS:php-devel-0:4.1.2-2.17.ia64", "2.1WS:php-imap-0:4.1.2-2.17.i386", "2.1WS:php-imap-0:4.1.2-2.17.ia64", "2.1WS:php-ldap-0:4.1.2-2.17.i386", "2.1WS:php-ldap-0:4.1.2-2.17.ia64", "2.1WS:php-manual-0:4.1.2-2.17.i386", "2.1WS:php-manual-0:4.1.2-2.17.ia64", "2.1WS:php-mysql-0:4.1.2-2.17.i386", "2.1WS:php-mysql-0:4.1.2-2.17.ia64", "2.1WS:php-odbc-0:4.1.2-2.17.i386", "2.1WS:php-odbc-0:4.1.2-2.17.ia64", "2.1WS:php-pgsql-0:4.1.2-2.17.i386", "2.1WS:php-pgsql-0:4.1.2-2.17.ia64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0154" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "security flaw" }, { "cve": "CVE-2007-1711", "discovery_date": "2007-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618304" } ], "notes": [ { "category": "description", "text": "Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701 (MOPB-31-2007).", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "2.1AS:php-0:4.1.2-2.17.i386", "2.1AS:php-0:4.1.2-2.17.ia64", "2.1AS:php-0:4.1.2-2.17.src", "2.1AS:php-devel-0:4.1.2-2.17.i386", "2.1AS:php-devel-0:4.1.2-2.17.ia64", "2.1AS:php-imap-0:4.1.2-2.17.i386", "2.1AS:php-imap-0:4.1.2-2.17.ia64", "2.1AS:php-ldap-0:4.1.2-2.17.i386", "2.1AS:php-ldap-0:4.1.2-2.17.ia64", "2.1AS:php-manual-0:4.1.2-2.17.i386", "2.1AS:php-manual-0:4.1.2-2.17.ia64", "2.1AS:php-mysql-0:4.1.2-2.17.i386", "2.1AS:php-mysql-0:4.1.2-2.17.ia64", "2.1AS:php-odbc-0:4.1.2-2.17.i386", "2.1AS:php-odbc-0:4.1.2-2.17.ia64", "2.1AS:php-pgsql-0:4.1.2-2.17.i386", "2.1AS:php-pgsql-0:4.1.2-2.17.ia64", "2.1AW:php-0:4.1.2-2.17.i386", "2.1AW:php-0:4.1.2-2.17.ia64", "2.1AW:php-0:4.1.2-2.17.src", "2.1AW:php-devel-0:4.1.2-2.17.i386", "2.1AW:php-devel-0:4.1.2-2.17.ia64", "2.1AW:php-imap-0:4.1.2-2.17.i386", "2.1AW:php-imap-0:4.1.2-2.17.ia64", "2.1AW:php-ldap-0:4.1.2-2.17.i386", "2.1AW:php-ldap-0:4.1.2-2.17.ia64", "2.1AW:php-manual-0:4.1.2-2.17.i386", "2.1AW:php-manual-0:4.1.2-2.17.ia64", "2.1AW:php-mysql-0:4.1.2-2.17.i386", "2.1AW:php-mysql-0:4.1.2-2.17.ia64", "2.1AW:php-odbc-0:4.1.2-2.17.i386", "2.1AW:php-odbc-0:4.1.2-2.17.ia64", "2.1AW:php-pgsql-0:4.1.2-2.17.i386", "2.1AW:php-pgsql-0:4.1.2-2.17.ia64", "2.1ES:php-0:4.1.2-2.17.i386", "2.1ES:php-0:4.1.2-2.17.ia64", "2.1ES:php-0:4.1.2-2.17.src", "2.1ES:php-devel-0:4.1.2-2.17.i386", "2.1ES:php-devel-0:4.1.2-2.17.ia64", "2.1ES:php-imap-0:4.1.2-2.17.i386", "2.1ES:php-imap-0:4.1.2-2.17.ia64", "2.1ES:php-ldap-0:4.1.2-2.17.i386", "2.1ES:php-ldap-0:4.1.2-2.17.ia64", "2.1ES:php-manual-0:4.1.2-2.17.i386", "2.1ES:php-manual-0:4.1.2-2.17.ia64", "2.1ES:php-mysql-0:4.1.2-2.17.i386", "2.1ES:php-mysql-0:4.1.2-2.17.ia64", "2.1ES:php-odbc-0:4.1.2-2.17.i386", "2.1ES:php-odbc-0:4.1.2-2.17.ia64", "2.1ES:php-pgsql-0:4.1.2-2.17.i386", "2.1ES:php-pgsql-0:4.1.2-2.17.ia64", "2.1WS:php-0:4.1.2-2.17.i386", "2.1WS:php-0:4.1.2-2.17.ia64", "2.1WS:php-0:4.1.2-2.17.src", "2.1WS:php-devel-0:4.1.2-2.17.i386", "2.1WS:php-devel-0:4.1.2-2.17.ia64", "2.1WS:php-imap-0:4.1.2-2.17.i386", "2.1WS:php-imap-0:4.1.2-2.17.ia64", "2.1WS:php-ldap-0:4.1.2-2.17.i386", "2.1WS:php-ldap-0:4.1.2-2.17.ia64", "2.1WS:php-manual-0:4.1.2-2.17.i386", "2.1WS:php-manual-0:4.1.2-2.17.ia64", "2.1WS:php-mysql-0:4.1.2-2.17.i386", "2.1WS:php-mysql-0:4.1.2-2.17.ia64", "2.1WS:php-odbc-0:4.1.2-2.17.i386", "2.1WS:php-odbc-0:4.1.2-2.17.ia64", "2.1WS:php-pgsql-0:4.1.2-2.17.i386", "2.1WS:php-pgsql-0:4.1.2-2.17.ia64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-1711" }, { "category": "external", "summary": "RHBZ#1618304", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618304" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-1711", "url": "https://www.cve.org/CVERecord?id=CVE-2007-1711" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-1711", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1711" } ], "release_date": "2007-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-04-16T15:38:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. \n\nThis update is available via Red Hat Network. Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188", "product_ids": [ "2.1AS:php-0:4.1.2-2.17.i386", "2.1AS:php-0:4.1.2-2.17.ia64", "2.1AS:php-0:4.1.2-2.17.src", "2.1AS:php-devel-0:4.1.2-2.17.i386", "2.1AS:php-devel-0:4.1.2-2.17.ia64", "2.1AS:php-imap-0:4.1.2-2.17.i386", "2.1AS:php-imap-0:4.1.2-2.17.ia64", "2.1AS:php-ldap-0:4.1.2-2.17.i386", "2.1AS:php-ldap-0:4.1.2-2.17.ia64", "2.1AS:php-manual-0:4.1.2-2.17.i386", "2.1AS:php-manual-0:4.1.2-2.17.ia64", "2.1AS:php-mysql-0:4.1.2-2.17.i386", "2.1AS:php-mysql-0:4.1.2-2.17.ia64", "2.1AS:php-odbc-0:4.1.2-2.17.i386", "2.1AS:php-odbc-0:4.1.2-2.17.ia64", "2.1AS:php-pgsql-0:4.1.2-2.17.i386", "2.1AS:php-pgsql-0:4.1.2-2.17.ia64", "2.1AW:php-0:4.1.2-2.17.i386", "2.1AW:php-0:4.1.2-2.17.ia64", "2.1AW:php-0:4.1.2-2.17.src", "2.1AW:php-devel-0:4.1.2-2.17.i386", "2.1AW:php-devel-0:4.1.2-2.17.ia64", "2.1AW:php-imap-0:4.1.2-2.17.i386", "2.1AW:php-imap-0:4.1.2-2.17.ia64", "2.1AW:php-ldap-0:4.1.2-2.17.i386", "2.1AW:php-ldap-0:4.1.2-2.17.ia64", "2.1AW:php-manual-0:4.1.2-2.17.i386", "2.1AW:php-manual-0:4.1.2-2.17.ia64", "2.1AW:php-mysql-0:4.1.2-2.17.i386", "2.1AW:php-mysql-0:4.1.2-2.17.ia64", "2.1AW:php-odbc-0:4.1.2-2.17.i386", "2.1AW:php-odbc-0:4.1.2-2.17.ia64", "2.1AW:php-pgsql-0:4.1.2-2.17.i386", "2.1AW:php-pgsql-0:4.1.2-2.17.ia64", "2.1ES:php-0:4.1.2-2.17.i386", "2.1ES:php-0:4.1.2-2.17.ia64", "2.1ES:php-0:4.1.2-2.17.src", "2.1ES:php-devel-0:4.1.2-2.17.i386", "2.1ES:php-devel-0:4.1.2-2.17.ia64", "2.1ES:php-imap-0:4.1.2-2.17.i386", "2.1ES:php-imap-0:4.1.2-2.17.ia64", "2.1ES:php-ldap-0:4.1.2-2.17.i386", "2.1ES:php-ldap-0:4.1.2-2.17.ia64", "2.1ES:php-manual-0:4.1.2-2.17.i386", "2.1ES:php-manual-0:4.1.2-2.17.ia64", "2.1ES:php-mysql-0:4.1.2-2.17.i386", "2.1ES:php-mysql-0:4.1.2-2.17.ia64", "2.1ES:php-odbc-0:4.1.2-2.17.i386", "2.1ES:php-odbc-0:4.1.2-2.17.ia64", "2.1ES:php-pgsql-0:4.1.2-2.17.i386", "2.1ES:php-pgsql-0:4.1.2-2.17.ia64", "2.1WS:php-0:4.1.2-2.17.i386", "2.1WS:php-0:4.1.2-2.17.ia64", "2.1WS:php-0:4.1.2-2.17.src", "2.1WS:php-devel-0:4.1.2-2.17.i386", "2.1WS:php-devel-0:4.1.2-2.17.ia64", "2.1WS:php-imap-0:4.1.2-2.17.i386", "2.1WS:php-imap-0:4.1.2-2.17.ia64", "2.1WS:php-ldap-0:4.1.2-2.17.i386", "2.1WS:php-ldap-0:4.1.2-2.17.ia64", "2.1WS:php-manual-0:4.1.2-2.17.i386", "2.1WS:php-manual-0:4.1.2-2.17.ia64", "2.1WS:php-mysql-0:4.1.2-2.17.i386", "2.1WS:php-mysql-0:4.1.2-2.17.ia64", "2.1WS:php-odbc-0:4.1.2-2.17.i386", "2.1WS:php-odbc-0:4.1.2-2.17.ia64", "2.1WS:php-pgsql-0:4.1.2-2.17.i386", "2.1WS:php-pgsql-0:4.1.2-2.17.ia64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0154" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "security flaw" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.