Lucene search
GoogleOSV:DSA-1295-1HistoryMay 19, 2007 - 12:00 a.m.
php5
2007-05-1900:00:00
Google
osv.dev
9
0.02 Low
EPSS
Percentile
89.0%
Several remote vulnerabilities have been discovered in PHP, a
server-side, HTML-embedded scripting language, which may lead to the
execution of arbitrary code. The Common Vulnerabilities and Exposures
project identifies the following problems:
- CVE-2007-2509
It was discovered that missing input sanitising inside the ftp
extension permits an attacker to execute arbitrary FTP commands.
This requires the attacker to already have access to the FTP
server. - CVE-2007-2510
It was discovered that a buffer overflow in the SOAP extension permits
the execution of arbitrary code.
The oldstable distribution (sarge) doesn’t include php5.
For the stable distribution (etch) these problems have been fixed
in version 5.2.0-8+etch4.
For the unstable distribution (sid) these problems have been fixed in
version 5.2.2-1.
We recommend that you upgrade your PHP packages. Packages for the Sparc
architectures are not yet available, due to problems on the build host. They
will be provided later.
| CPE | Name | Operator | Version |
|---|---|---|---|
| php5 | eq | 5.2.0-8+etch3 | |
| php5 | eq | 5.2.0-8+etch1 |
References
Related
openvas
openvas
Debian: Security Advisory (DSA-1295-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1295-1 (php5)
2008-01-17 00:00:00
Fedora Update for php FEDORA-2007-503
2009-02-27 00:00:00
nessus
nessus
Debian DSA-1295-1 : php5 - several vulnerabilities
2007-05-25 00:00:00
CentOS 5 : php (CESA-2007:0348)
2007-05-11 00:00:00
Fedora Core 5 : php-5.1.6-1.6 (2007-526)
2007-05-25 00:00:00
debian
debian
[SECURITY] [DSA 1295-1] New php5 packages fix several vulnerabilities
2007-05-19 10:39:36
[SECURITY] [DSA 1296-1] New php4 packages fix privilege escalation
2007-05-21 17:42:19
fedora
fedora
[SECURITY] Fedora Core 6 Update: php-5.1.6-3.6.fc6
2007-05-14 17:11:53
[SECURITY] Fedora Core 5 Update: php-5.1.6-1.6
2007-05-24 05:24:12
redhat
redhat
(RHSA-2007:0348) Important: php security update
2007-05-08 00:00:00
(RHSA-2007:0355) Important: php security update
2007-05-10 00:00:00
(RHSA-2007:0349) Important: php security update
2007-05-09 00:00:00
centos
centos
php security update
2007-05-10 14:34:11
php security update
2007-05-09 15:32:48
php security update
2007-10-24 03:08:58
ubuntu
ubuntu
PHP vulnerabilities
2007-05-22 00:00:00
ubuntucve
ubuntucve
CVE-2007-2509
2007-05-09 00:00:00
CVE-2007-2510
2007-05-09 00:00:00
cve
cve
CVE-2007-2509
2007-05-09 00:19:00
CVE-2007-2510
2007-05-09 00:19:00
prion
prion
Buffer overflow
2007-05-09 00:19:00
Crlf injection
2007-05-09 00:19:00
securityvulns
securityvulns
PHP SOAP extension buffer overflow
2007-05-19 00:00:00
PHP FTP commans injection
2007-03-24 00:00:00
nvd
nvd
CVE-2007-2510
2007-05-09 00:19:00
CVE-2007-2509
2007-05-09 00:19:00
cvelist
cvelist
CVE-2007-2510
2007-05-09 00:00:00
CVE-2007-2509
2007-05-09 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:17:47
CRLF Injection
2020-04-10 00:17:46
oraclelinux
oraclelinux
Important: php security update
2007-05-09 00:00:00
Important: php security update
2007-06-26 00:00:00
Moderate: php security update
2007-09-26 00:00:00
suse
suse
remote denial of service in php4,php5
2007-07-12 16:26:43
gentoo
gentoo
PHP: Multiple vulnerabilities
2007-05-26 00:00:00
f5
f5
K7859 : Multiple PHP vulnerabilities
2013-03-19 00:00:00
SOL7859 - Multiple PHP vulnerabilities
2007-09-16 00:00:00