CVE-2007-1285

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.

References

http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html

http://rhn.redhat.com/errata/RHSA-2007-0154.html

http://rhn.redhat.com/errata/RHSA-2007-0155.html

http://rhn.redhat.com/errata/RHSA-2007-0163.html

http://secunia.com/advisories/24909

http://secunia.com/advisories/24910

http://secunia.com/advisories/24924

http://secunia.com/advisories/24941

http://secunia.com/advisories/24945

http://secunia.com/advisories/25445

http://secunia.com/advisories/26048

http://secunia.com/advisories/26642

http://secunia.com/advisories/27864

http://secunia.com/advisories/28936

http://security.gentoo.org/glsa/glsa-200705-19.xml

http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136

http://us2.php.net/releases/4_4_7.php

http://us2.php.net/releases/5_2_2.php

http://www.mandriva.com/security/advisories?name=MDKSA-2007:087

http://www.mandriva.com/security/advisories?name=MDKSA-2007:088

http://www.mandriva.com/security/advisories?name=MDKSA-2007:089

http://www.mandriva.com/security/advisories?name=MDKSA-2007:090

http://www.osvdb.org/32769

http://www.php.net/ChangeLog-4.php

http://www.php.net/ChangeLog-5.php#5.2.4

http://www.php.net/releases/4_4_8.php

http://www.php.net/releases/5_2_4.php

http://www.php-security.org/MOPB/MOPB-03-2007.html

http://www.redhat.com/support/errata/RHSA-2007-0082.html

http://www.redhat.com/support/errata/RHSA-2007-0162.html

http://www.securityfocus.com/archive/1/466166/100/0/threaded

http://www.securityfocus.com/bid/22764

http://www.securitytracker.com/id?1017771

http://www.ubuntu.com/usn/usn-549-2

https://issues.rpath.com/browse/RPL-1268

https://launchpad.net/bugs/173043

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11017

https://usn.ubuntu.com/549-1/

Details

Source: MITRE

Published: 2007-03-06

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.4:patch1:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*

cpe:2.3:a:php:php:4.0.7:rc4:*:*:*:*:*:*

cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*

cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*

cpe:2.3:a:zend:engine:*:*:*:*:*:*:*:*

Tenable Plugins

View all (17 total)

IDNameProductFamilySeverity
78215F5 Networks BIG-IP : Multiple PHP vulnerabilities (SOL7859)NessusF5 Networks Local Security Checks
high
67471Oracle Linux 3 / 4 : php (ELSA-2007-0155)NessusOracle Linux Local Security Checks
high
37164Mandrake Linux Security Advisory : php (MDKSA-2007:090)NessusMandriva Local Security Checks
high
31101Slackware 10.2 / 11.0 : php (SSA:2008-045-03)NessusSlackware Local Security Checks
high
29552SuSE 10 Security Update : PHP5 (ZYPP Patch Number 3754)NessusSuSE Local Security Checks
high
29213Ubuntu 7.10 : php5 regression (USN-549-2)NessusUbuntu Local Security Checks
high
28372Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : php5 vulnerabilities (USN-549-1)NessusUbuntu Local Security Checks
high
27392openSUSE 10 Security Update : php5 (php5-3753)NessusSuSE Local Security Checks
high
27391openSUSE 10 Security Update : php5 (php5-3745)NessusSuSE Local Security Checks
high
25340GLSA-200705-19 : PHP: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
25317RHEL 5 : php (RHSA-2007:0082)NessusRed Hat Local Security Checks
critical
3982PHP 4.x < 4.4.7 / 5.x < 5.2.2 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
25159PHP < 4.4.7 / 5.2.2 Multiple VulnerabilitiesNessusCGI abuses
high
25113Mandrake Linux Security Advisory : php (MDKSA-2007:089)NessusMandriva Local Security Checks
high
25068RHEL 3 / 4 : php (RHSA-2007:0155)NessusRed Hat Local Security Checks
high
25067RHEL 2.1 : php (RHSA-2007:0154)NessusRed Hat Local Security Checks
medium
25043CentOS 3 / 4 : php (CESA-2007:0155)NessusCentOS Local Security Checks
high