CVE-2007-4670medium
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.
References
http://rhn.redhat.com/errata/RHSA-2007-0889.html
http://secunia.com/advisories/26822
http://secunia.com/advisories/26838
http://secunia.com/advisories/26871
http://secunia.com/advisories/26895
http://secunia.com/advisories/26930
http://secunia.com/advisories/26967
http://secunia.com/advisories/27102
http://secunia.com/advisories/27351
http://secunia.com/advisories/27377
http://secunia.com/advisories/27545
http://secunia.com/advisories/27864
http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:187
http://www.php.net/ChangeLog-5.php#5.2.4
http://www.php.net/releases/5_2_4.php
http://www.redhat.com/support/errata/RHSA-2007-0888.html
http://www.redhat.com/support/errata/RHSA-2007-0890.html
http://www.redhat.com/support/errata/RHSA-2007-0891.html
http://www.trustix.org/errata/2007/0026/
http://www.ubuntu.com/usn/usn-549-2
https://issues.rpath.com/browse/RPL-1693
https://issues.rpath.com/browse/RPL-1702
https://launchpad.net/bugs/173043
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11028
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html
Details
Source: MITRE
Published: 2007-09-05
Updated: 2018-10-03
Type: NVD-CWE-noinfo
Risk Information
CVSS v2
Base Score: 5
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 10
Severity: MEDIUM
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* versions up to 5.2.3 (inclusive)
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 67570 | Oracle Linux 4 / 5 : php (ELSA-2007-0890) | Nessus | Oracle Linux Local Security Checks | high |
| 67569 | Oracle Linux 3 : php (ELSA-2007-0889) | Nessus | Oracle Linux Local Security Checks | high |
| 60257 | Scientific Linux Security Update : php on SL3.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high |
| 60255 | Scientific Linux Security Update : php on SL5.x, SL4.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high |
| 29213 | Ubuntu 7.10 : php5 regression (USN-549-2) | Nessus | Ubuntu Local Security Checks | high |
| 28372 | Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : php5 vulnerabilities (USN-549-1) | Nessus | Ubuntu Local Security Checks | high |
| 27564 | RHEL 2.1 : php (RHSA-2007:0888) | Nessus | Red Hat Local Security Checks | medium |
| 26942 | GLSA-200710-02 : PHP: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
| 26204 | CentOS 3 : php (CESA-2007:0889) | Nessus | CentOS Local Security Checks | high |
| 26191 | RHEL 3 : php (RHSA-2007:0889) | Nessus | Red Hat Local Security Checks | high |
| 26115 | Fedora Core 6 : php-5.1.6-3.7.fc6 (2007-709) | Nessus | Fedora Local Security Checks | high |
| 26110 | RHEL 4 / 5 : php (RHSA-2007:0890) | Nessus | Red Hat Local Security Checks | high |
| 26107 | Mandrake Linux Security Advisory : php (MDKSA-2007:187) | Nessus | Mandriva Local Security Checks | critical |
| 26075 | CentOS 4 / 5 : php (CESA-2007:0890) | Nessus | CentOS Local Security Checks | high |
| 26038 | FreeBSD : php -- multiple vulnerabilities (71d903fc-602d-11dc-898c-001921ab2fa4) | Nessus | FreeBSD Local Security Checks | high |
| 3982 | PHP 4.x < 4.4.7 / 5.x < 5.2.2 Multiple Vulnerabilities | Nessus Network Monitor | Web Servers | high |
| 25159 | PHP < 4.4.7 / 5.2.2 Multiple Vulnerabilities | Nessus | CGI abuses | high |