CVE-2007-0906

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825).

References

ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc

http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html

http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html

http://osvdb.org/34706

http://osvdb.org/34707

http://osvdb.org/34708

http://osvdb.org/34709

http://osvdb.org/34710

http://osvdb.org/34711

http://osvdb.org/34712

http://osvdb.org/34713

http://osvdb.org/34714

http://osvdb.org/34715

http://rhn.redhat.com/errata/RHSA-2007-0089.html

http://secunia.com/advisories/24089

http://secunia.com/advisories/24195

http://secunia.com/advisories/24217

http://secunia.com/advisories/24236

http://secunia.com/advisories/24248

http://secunia.com/advisories/24284

http://secunia.com/advisories/24295

http://secunia.com/advisories/24322

http://secunia.com/advisories/24419

http://secunia.com/advisories/24421

http://secunia.com/advisories/24432

http://secunia.com/advisories/24514

http://secunia.com/advisories/24606

http://secunia.com/advisories/24642

http://secunia.com/advisories/24945

http://secunia.com/advisories/26048

http://security.gentoo.org/glsa/glsa-200703-21.xml

http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm

http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm

http://www.mandriva.com/security/advisories?name=MDKSA-2007:048

http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html

http://www.osvdb.org/32776

http://www.php.net/ChangeLog-5.php#5.2.1

http://www.php.net/releases/5_2_1.php

http://www.redhat.com/support/errata/RHSA-2007-0076.html

http://www.redhat.com/support/errata/RHSA-2007-0081.html

http://www.redhat.com/support/errata/RHSA-2007-0082.html

http://www.redhat.com/support/errata/RHSA-2007-0088.html

http://www.securityfocus.com/archive/1/461462/100/0/threaded

http://www.securityfocus.com/archive/1/466166/100/0/threaded

http://www.securityfocus.com/bid/22496

http://www.securitytracker.com/id?1017671

http://www.trustix.org/errata/2007/0009/

http://www.ubuntu.com/usn/usn-424-1

http://www.ubuntu.com/usn/usn-424-2

http://www.us.debian.org/security/2007/dsa-1264

http://www.vupen.com/english/advisories/2007/0546

https://issues.rpath.com/browse/RPL-1088

https://issues.rpath.com/browse/RPL-1268

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8992

Details

Source: MITRE

Published: 2007-02-13

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*

cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*

cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.2:*:dev:*:*:*:*:*

cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*

cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*

Tenable Plugins

View all (21 total)

IDNameProductFamilySeverity
67451Oracle Linux 3 / 4 : php (ELSA-2007-0076)NessusOracle Linux Local Security Checks
critical
29552SuSE 10 Security Update : PHP5 (ZYPP Patch Number 3754)NessusSuSE Local Security Checks
high
29377SuSE 10 Security Update : PHP5 (ZYPP Patch Number 2684)NessusSuSE Local Security Checks
critical
28017Ubuntu 5.10 / 6.06 LTS / 6.10 : php5 regression (USN-424-2)NessusUbuntu Local Security Checks
critical
28016Ubuntu 5.10 / 6.06 LTS / 6.10 : php5 vulnerabilities (USN-424-1)NessusUbuntu Local Security Checks
critical
27392openSUSE 10 Security Update : php5 (php5-3753)NessusSuSE Local Security Checks
high
27391openSUSE 10 Security Update : php5 (php5-3745)NessusSuSE Local Security Checks
high
27390openSUSE 10 Security Update : php5 (php5-2687)NessusSuSE Local Security Checks
critical
25317RHEL 5 : php (RHSA-2007:0082)NessusRed Hat Local Security Checks
critical
24907PHP < 5.2.1 Multiple VulnerabilitiesNessusCGI abuses
high
24906PHP < 4.4.5 Multiple VulnerabilitiesNessusCGI abuses
high
24887GLSA-200703-21 : PHP: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
24793Debian DSA-1264-1 : php4 - several vulnerabilitiesNessusDebian Local Security Checks
critical
24697RHEL 2.1 : php (RHSA-2007:0081)NessusRed Hat Local Security Checks
critical
24695Mandrake Linux Security Advisory : php (MDKSA-2007:048)NessusMandriva Local Security Checks
critical
24691Slackware 10.2 / 11.0 : php (SSA:2007-053-01)NessusSlackware Local Security Checks
critical
24677RHEL 3 / 4 : php (RHSA-2007:0076)NessusRed Hat Local Security Checks
critical
24673CentOS 3 / 4 : php (CESA-2007:0076)NessusCentOS Local Security Checks
critical
24365FreeBSD : php -- multiple vulnerabilities (7fcf1727-be71-11db-b2ec-000c6ec775d9)NessusFreeBSD Local Security Checks
critical
3857PHP < 4.4.5 / 5.2.1 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
medium
801112PHP < 4.4.5 / 5.2.1 Multiple VulnerabilitiesLog Correlation EngineWeb Servers
high