CVE-2007-0975

critical

Description

Variable extraction vulnerability in Ian Bezanson Apache Stats before 0.0.3 beta allows attackers to overwrite critical variables, with unknown impact, when the extract function is used on the _REQUEST superglobal array.

References

http://www.vupen.com/english/advisories/2007/0598

http://superb-east.dl.sourceforge.net/sourceforge/apachestats/apacheStats_0.0.3Beta.tar.bz2

http://sourceforge.net/forum/forum.php?forum_id=660919

Details

Source: Mitre, NVD

Published: 2007-02-16

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.00376

Detections

Analytics