Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-4889
HistorySep 14, 2007 - 1:17 a.m.

CVE-2007-4889

2007-09-1401:17:00
[email protected]
web.nvd.nist.gov
37
cve-2007-4889
nvd
mysql
php
remote attackers
safe_mode
open_basedir
load_file
into dumpfile
into outfile
security vulnerability

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

9.4

Confidence

High

EPSS

0.058

Percentile

93.4%

JSON

The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.

Affected configurations

NVD
Node
phpmysql_extension
OR
phpphpRange5.2.4
VendorProductVersionCPE
phpphpcpe:/a:php:php::::
phpmysql_extensioncpe:/a:php:mysql_extension::::

Related

prion 2
ubuntucve 2
nvd 2
cvelist 2
redhatcve 2
seebug 3
cve 1
exploitpack 1
f5 2
nessus 4
openvas 9
oraclelinux 1
freebsd 1
gentoo 1
prion
prion
Design/Logic Flaw
2007-09-14 01:17:00
Design/Logic Flaw
2007-09-04 18:17:00
ubuntucve
ubuntucve
CVE-2007-4889
2007-09-14 00:00:00
CVE-2007-3997
2007-09-04 00:00:00
nvd
nvd
CVE-2007-4889
2007-09-14 01:17:00
CVE-2007-3997
2007-09-04 18:17:00
cvelist
cvelist
CVE-2007-4889
2007-09-14 01:00:00
CVE-2007-3997
2007-09-04 18:00:00
redhatcve
redhatcve
CVE-2007-4889
2015-10-30 09:54:31
CVE-2007-3997
2015-10-30 10:13:33
seebug
seebug
PHP <= 4.4.7 / 5.2.3 MySQL/MySQLi Safe Mode Bypass Vulnerability
2014-07-01 00:00:00
PHP MySQL/MySQLi扩展绕过安全限制漏洞
2007-09-05 00:00:00
PHP &lt;= 4.4.7 / 5.2.3 MySQL/MySQLi Safe Mode Bypass Vulnerability
2007-09-10 00:00:00
cve
cve
CVE-2007-3997
2007-09-04 18:17:00
exploitpack
exploitpack
PHP 4.4.75.2.3 - MySQLMySQLi Safe_Mode Bypass
2007-09-10 00:00:00
f5
f5
K31530542 : PHP vulnerabilities CVE-2007-1777, CVE-2007-3997, CVE-2007-4657, CVE-2008-3658, and CVE-2008-3659
2016-10-20 00:00:00
SOL31530542 - PHP vulnerabilities CVE-2007-1777, CVE-2007-3997, CVE-2007-4657, CVE-2008-3658, and CVE-2008-3659
2016-10-20 00:00:00
nessus
nessus
PHP < 5.2.5 Multiple Vulnerabilities
2007-11-12 00:00:00
PHP < 4.4.8 Multiple Vulnerabilities
2008-01-03 00:00:00
FreeBSD : php -- multiple vulnerabilities (71d903fc-602d-11dc-898c-001921ab2fa4)
2007-09-14 00:00:00
openvas
openvas
PHP < 5.2.5 Multiple Vulnerabilities
2020-08-17 00:00:00
PHP < 5.2.5 Multiple Vulnerabilities
2012-06-21 00:00:00
PHP < 4.4.8 Multiple Vulnerabilities
2012-06-21 00:00:00
oraclelinux
oraclelinux
Moderate: php security update
2007-09-20 00:00:00
freebsd
freebsd
php -- multiple vulnerabilities
2007-08-30 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2007-10-07 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

9.4

Confidence

High

EPSS

0.058

Percentile

93.4%

JSON
Related for CVE-2007-4889
prion2ubuntucve2nvd2cvelist2redhatcve2seebug3cve1exploitpack1f52nessus4openvas9oraclelinux1freebsd1gentoo1