Lucene search

[email protected]NVD:CVE-2007-1888

HistoryApr 06, 2007 - 1:19 a.m.

CVE-2007-1888

2007-04-0601:19:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.015

Percentile

86.8%

JSON

Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installations use a bundled version of sqlite without this vulnerability. The SQLite developer has argued that this issue could be due to a misuse of the sqlite_decode_binary() API.

Affected configurations

Nvd

Node

phpphpMatch4.0

phpphpMatch4.0beta_4_patch1

phpphpMatch4.0beta1

phpphpMatch4.0beta2

phpphpMatch4.0beta3

phpphpMatch4.0beta4

phpphpMatch4.0rc1

phpphpMatch4.0rc2

phpphpMatch4.0.0

phpphpMatch4.0.1

phpphpMatch4.0.1patch1

phpphpMatch4.0.1patch2

phpphpMatch4.0.2

phpphpMatch4.0.3

phpphpMatch4.0.3patch1

phpphpMatch4.0.4

phpphpMatch4.0.4patch1

phpphpMatch4.0.5

phpphpMatch4.0.6

phpphpMatch4.0.7

phpphpMatch4.0.7rc1

phpphpMatch4.0.7rc2

phpphpMatch4.0.7rc3

phpphpMatch4.1.0

phpphpMatch4.1.1

phpphpMatch4.1.2

phpphpMatch4.2dev

phpphpMatch4.2.0

phpphpMatch4.2.1

phpphpMatch4.2.2

phpphpMatch4.2.3

phpphpMatch4.3.0

phpphpMatch4.3.1

phpphpMatch4.3.2

phpphpMatch4.3.3

phpphpMatch4.3.4

phpphpMatch4.3.5

phpphpMatch4.3.6

phpphpMatch4.3.7

phpphpMatch4.3.8

phpphpMatch4.3.9

phpphpMatch4.3.10

phpphpMatch4.3.11

phpphpMatch4.4.0

phpphpMatch4.4.1

phpphpMatch4.4.2

phpphpMatch4.4.3

phpphpMatch4.4.4

phpphpMatch4.4.5

phpphpMatch4.4.6

phpphpMatch5.0rc1

phpphpMatch5.0rc2

phpphpMatch5.0rc3

phpphpMatch5.0.0

phpphpMatch5.0.0beta1

phpphpMatch5.0.0beta2

phpphpMatch5.0.0beta3

phpphpMatch5.0.0beta4

phpphpMatch5.0.0rc1

phpphpMatch5.0.0rc2

phpphpMatch5.0.0rc3

phpphpMatch5.0.1

phpphpMatch5.0.2

phpphpMatch5.0.3

phpphpMatch5.0.4

phpphpMatch5.0.5

phpphpMatch5.1.0

phpphpMatch5.1.1

phpphpMatch5.1.2

phpphpMatch5.1.3

phpphpMatch5.1.4

phpphpMatch5.1.5

phpphpMatch5.1.6

phpphpMatch5.2.0

phpphpMatch5.2.1

phpphpMatch5.4.0

VendorProductVersionCPE
phpphp4.0cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*
phpphp4.0cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*
phpphp4.0cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*
phpphp4.0cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*
phpphp4.0cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*
phpphp4.0cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*
phpphp4.0cpe:2.3:a:php:php:4.0:rc1:*:*:*:*:*:*
phpphp4.0cpe:2.3:a:php:php:4.0:rc2:*:*:*:*:*:*
phpphp4.0.0cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*
phpphp4.0.1cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
php	php	4.0	cpe:2.3:a:php:php:4.0:::::::*
php	php	4.0	cpe:2.3:a:php:php:4.0:beta_4_patch1::::::
php	php	4.0	cpe:2.3:a:php:php:4.0:beta1::::::
php	php	4.0	cpe:2.3:a:php:php:4.0:beta2::::::
php	php	4.0	cpe:2.3:a:php:php:4.0:beta3::::::
php	php	4.0	cpe:2.3:a:php:php:4.0:beta4::::::
php	php	4.0	cpe:2.3:a:php:php:4.0:rc1::::::
php	php	4.0	cpe:2.3:a:php:php:4.0:rc2::::::
php	php	4.0.0	cpe:2.3:a:php:php:4.0.0:::::::*
php	php	4.0.1	cpe:2.3:a:php:php:4.0.1:::::::*