CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
EPSS
Percentile
92.4%
Announcement-ID: PMASA-2007-3
Date: 2007-03-02
PHP Executor Deep Recursion Stack Overflow
Stefan Esser from the Hardened-PHP Project is publishing the Month of PHP Bugs. One of these PHP bugs can be triggered by phpMyAdmin which uses a recursive function in its normal operation.
We consider this vulnerability to be serious.
All versions prior to 2.10.0.2.
Upgrade to phpMyAdmin 2.10.0.2 or newer. Note that upgrading phpMyAdmin does not protect a server against an attacker that targets other vulnerable PHP applications.
<http://www.php-security.org/MOPB/MOPB-02-2007.html>
Assigned CVE ids: CVE-2007-1325
The following commits have been made to fix this issue:
For further information and in case of questions, please contact the phpMyAdmin team. Our website is phpmyadmin.net.