Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD392B5B1D-9471-11DC-9DB7-001C2514716C
HistoryNov 08, 2007 - 12:00 a.m.

php -- multiple security vulnerabilities

2007-11-0800:00:00
vuxml.freebsd.org
23

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

EPSS

0.039

Percentile

92.1%

JSON

PHP project reports:

Security Enhancements and Fixes in PHP 5.2.5:

Fixed dl() to only accept filenames. Reported by Laurent
Gaffie.
Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887).
Reported by Laurent Gaffie.
Fixed htmlentities/htmlspecialchars not to accept partial
multibyte sequences. Reported by Rasmus Lerdorf
Fixed possible triggering of buffer overflows inside glibc
implementations of the fnmatch(), setlocale() and glob()
functions. Reported by Laurent Gaffie.
Fixed “mail.force_extra_parameters” php.ini directive not to be
modifiable in .htaccess due to the security implications. Reported
by SecurityReason.
Fixed bug #42869 (automatic session id insertion adds sessions
id to non-local forms).
Fixed bug #41561 (Values set with php_admin_* in httpd.conf can
be overwritten with ini_set()).

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchphp5< 5.2.5UNKNOWN

Related

redhatcve 1
cvelist 1
nessus 5
ubuntucve 1
openvas 12
seebug 1
slackware 1
nvd 1
prion 1
cve 1
securityvulns 2
gentoo 1
redhatcve
redhatcve
CVE-2007-4887
2015-10-30 10:15:25
cvelist
cvelist
CVE-2007-4887
2007-09-14 00:00:00
nessus
nessus
FreeBSD : php -- multiple security vulnerabilities (392b5b1d-9471-11dc-9db7-001c2514716c)
2007-11-20 00:00:00
Slackware 10.1 / 10.2 / 11.0 / 12.0 / current : php (SSA:2007-314-01)
2007-11-12 00:00:00
PHP < 5.2.5 Multiple Vulnerabilities
2007-11-12 00:00:00
ubuntucve
ubuntucve
CVE-2007-4887
2007-09-14 00:00:00
openvas
openvas
FreeBSD Ports: php5
2008-09-04 00:00:00
Slackware Advisory SSA:2007-314-01 php
2012-09-11 00:00:00
FreeBSD Ports: php5
2008-09-04 00:00:00
seebug
seebug
PHP 5.2.5之前版本多个安全漏洞
2007-11-14 00:00:00
slackware
slackware
[slackware-security] php
2007-11-11 00:06:23
nvd
nvd
CVE-2007-4887
2007-09-14 00:17:00
prion
prion
Design/Logic Flaw
2007-09-14 00:17:00
cve
cve
CVE-2007-4887
2007-09-14 00:17:00
securityvulns
securityvulns
rPSA-2007-0242-1 php5 php5-cgi php5-mysql php5-pear php5-pgsql php5-soap php5-xsl
2007-11-20 00:00:00
PHP multiple Denial of Service conditions
2007-11-20 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2007-10-07 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

EPSS

0.039

Percentile

92.1%

JSON
Related for 392B5B1D-9471-11DC-9DB7-001C2514716C
redhatcve1cvelist1nessus5ubuntucve1openvas12seebug1slackware1nvd1prion1cve1securityvulns2gentoo1