CVE-2007-1709

MEDIUM

Description

Buffer overflow in the confirm_phpdoc_compiled function in the phpDOC extension (PECL phpDOC) in PHP 5.2.1 allows context-dependent attackers to execute arbitrary code via a long argument string.

References

http://retrogod.altervista.org/php521_phpdoc_bof.html

http://securityreason.com/securityalert/2512

http://www.securityfocus.com/archive/1/463843/100/0/threaded

http://www.securityfocus.com/bid/23124

https://exchange.xforce.ibmcloud.com/vulnerabilities/33236

https://www.exploit-db.com/exploits/3576

Details

Source: MITRE

Published: 2007-03-27

Updated: 2018-10-16

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:L/AC:L/Au:S/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.1

Severity: MEDIUM