Lucene search

PRIOn knowledge basePRION:CVE-2007-0906

HistoryFeb 13, 2007 - 11:28 p.m.

Integer overflow

2007-02-1323:28:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

High

0.043 Low

EPSS

Percentile

92.4%

JSON

Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825).

CPENameOperatorVersion
phpeq4.3.9
phpeq3.0
phpeq3.0.5
phpeq3.0.11
phpeq5.1.5
phpeq5.1.2
phpeq4.2.0
phpeq5.1.1
phpeq3.0.1
phpeq3.0.2

Name	Operator	Version
php	eq	4.3.9
php	eq	3.0
php	eq	3.0.5
php	eq	3.0.11
php	eq	5.1.5
php	eq	5.1.2
php	eq	4.2.0
php	eq	5.1.1
php	eq	3.0.1
php	eq	3.0.2

Rows per page:

1-10 of 771

References

ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc

lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html

lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html

osvdb.org/34706

osvdb.org/34707

osvdb.org/34708

osvdb.org/34709

osvdb.org/34710

osvdb.org/34711

osvdb.org/34712

osvdb.org/34713

osvdb.org/34714

osvdb.org/34715

rhn.redhat.com/errata/RHSA-2007-0089.html

secunia.com/advisories/24089

secunia.com/advisories/24195

secunia.com/advisories/24217

secunia.com/advisories/24236

secunia.com/advisories/24248

secunia.com/advisories/24284

secunia.com/advisories/24295

secunia.com/advisories/24322

secunia.com/advisories/24419

secunia.com/advisories/24421

secunia.com/advisories/24432

secunia.com/advisories/24514

secunia.com/advisories/24606

secunia.com/advisories/24642

secunia.com/advisories/24945

secunia.com/advisories/26048

security.gentoo.org/glsa/glsa-200703-21.xml

support.avaya.com/elmodocs2/security/ASA-2007-101.htm

support.avaya.com/elmodocs2/security/ASA-2007-136.htm

www.mandriva.com/security/advisories?name=MDKSA-2007:048

www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html

www.osvdb.org/32776

www.php.net/ChangeLog-5.php

www.php.net/releases/5_2_1.php

www.redhat.com/support/errata/RHSA-2007-0076.html

www.redhat.com/support/errata/RHSA-2007-0081.html

www.redhat.com/support/errata/RHSA-2007-0082.html

www.redhat.com/support/errata/RHSA-2007-0088.html

www.securityfocus.com/archive/1/461462/100/0/threaded

www.securityfocus.com/archive/1/466166/100/0/threaded

www.securityfocus.com/bid/22496

www.securitytracker.com/id?1017671

www.trustix.org/errata/2007/0009/

www.ubuntu.com/usn/usn-424-1

www.ubuntu.com/usn/usn-424-2

www.us.debian.org/security/2007/dsa-1264

www.vupen.com/english/advisories/2007/0546

issues.rpath.com/browse/RPL-1088

issues.rpath.com/browse/RPL-1268

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8992