Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2007-4782
HistorySep 10, 2007 - 9:17 p.m.

CVE-2007-4782

2007-09-1021:17:00
CWE-94
mitre
web.nvd.nist.gov
50
php
cve-2007-4782
denial of service
glob function
fnmatch function

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

9.5

Confidence

High

EPSS

0.022

Percentile

89.6%

JSON

PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined characteristics, as demonstrated by a “*[1]e” value. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution.

Affected configurations

Nvd
Node
phpphpRange5.2.3
VendorProductVersionCPE
phpphpcpe:/a:php:php::::

References

Related

veracode 1
cvelist 2
ubuntucve 2
prion 2
nvd 2
nessus 18
f5 2
cve 1
debiancve 1
centos 2
oraclelinux 2
openvas 24
redhat 4
fedora 1
ubuntu 1
suse 1
gentoo 1
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:22:29
cvelist
cvelist
CVE-2007-4782
2007-09-10 21:00:00
CVE-2011-1071
2011-04-08 15:00:00
ubuntucve
ubuntucve
CVE-2007-4782
2007-09-10 00:00:00
CVE-2011-1071
2011-04-08 00:00:00
prion
prion
Remote code execution
2007-09-10 21:17:00
Design/Logic Flaw
2011-04-08 15:17:00
nvd
nvd
CVE-2007-4782
2007-09-10 21:17:00
CVE-2011-1071
2011-04-08 15:17:27
nessus
nessus
F5 Networks BIG-IP : GNU C Library vulnerability (SOL15885)
2014-11-28 00:00:00
Scientific Linux Security Update : php on SL4.x i386/x86_64
2012-08-01 00:00:00
CentOS 4 : php (CESA-2008:0545)
2010-01-06 00:00:00
f5
f5
SOL15885 - GNU C Library vulnerability CVE-2011-1071
2014-11-27 00:00:00
K15885 : GNU C Library vulnerability CVE-2011-1071
2015-06-13 00:00:00
cve
cve
CVE-2011-1071
2011-04-08 15:17:27
debiancve
debiancve
CVE-2011-1071
2011-04-08 15:17:27
centos
centos
php security update
2008-07-16 16:10:52
php security update
2008-07-16 16:15:51
oraclelinux
oraclelinux
php security update
2008-07-16 00:00:00
php security and bug fix update
2008-07-16 00:00:00
openvas
openvas
CentOS Update for php CESA-2008:0544 centos3 i386
2009-02-27 00:00:00
CentOS Update for php CESA-2008:0544 centos3 i386
2009-02-27 00:00:00
RedHat Update for php RHSA-2008:0544-01
2009-03-06 00:00:00
redhat
redhat
(RHSA-2008:0545) Moderate: php security and bug fix update
2008-07-16 00:00:00
(RHSA-2008:0582) Moderate: php security update
2008-07-22 00:00:00
(RHSA-2008:0544) Moderate: php security update
2008-07-16 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: php-5.2.6-2.fc8
2008-06-20 19:08:56
ubuntu
ubuntu
PHP vulnerabilities
2008-07-23 00:00:00
suse
suse
remote code execution in php4, php5
2008-01-29 14:18:48
gentoo
gentoo
PHP: Multiple vulnerabilities
2007-10-07 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

9.5

Confidence

High

EPSS

0.022

Percentile

89.6%

JSON
Related for CVE-2007-4782
veracode1cvelist2ubuntucve2prion2nvd2nessus18f52cve1debiancve1centos2oraclelinux2openvas24redhat4fedora1ubuntu1suse1gentoo1