PhpMyAdminPHPMYADMIN:PMASA-2007-3PHP Executor Deep Recursion Stack Overflow
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
EPSS
Percentile
92.4%
PMASA-2007-3
Announcement-ID: PMASA-2007-3
Date: 2007-03-02
Summary
PHP Executor Deep Recursion Stack Overflow
Description
Stefan Esser from the Hardened-PHP Project is publishing the Month of PHP Bugs. One of these PHP bugs can be triggered by phpMyAdmin which uses a recursive function in its normal operation.
Severity
We consider this vulnerability to be serious.
Affected Versions
All versions prior to 2.10.0.2.
Solution
Upgrade to phpMyAdmin 2.10.0.2 or newer. Note that upgrading phpMyAdmin does not protect a server against an attacker that targets other vulnerable PHP applications.
References
<http://www.php-security.org/MOPB/MOPB-02-2007.html>
Assigned CVE ids: CVE-2007-1325
Patches
The following commits have been made to fix this issue:
More information
For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
EPSS
Percentile
92.4%