Lucene search
Redhat.comRH:CVE-2007-1460HistoryOct 30, 2015 - 9:48 a.m.
CVE-2007-1460
2015-10-3009:48:00
redhat.com
access.redhat.com
6
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
7.3 High
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.5%
The zip:// URL wrapper provided by the PECL zip extension in PHP before 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir checks, which allows remote attackers to read ZIP archives located outside of the intended directories.
Related
nvd
nvd
CVE-2007-1460
2007-03-14 18:19:00
cvelist
cvelist
CVE-2007-1460
2007-03-14 18:00:00
prion
prion
Code injection
2007-03-14 18:19:00
ubuntucve
ubuntucve
CVE-2007-1460
2007-03-14 00:00:00
cve
cve
CVE-2007-1460
2007-03-14 18:19:00
securityvulns
securityvulns
PHP zip:// URL buffer overflow
2007-03-10 00:00:00
suse
suse
remote code execution in php4,php5
2007-05-23 13:16:49
nessus
nessus
openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-3289)
2007-10-17 00:00:00
PHP < 4.4.7 / 5.2.2 Multiple Vulnerabilities
2007-05-04 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2007-007)
2007-08-02 00:00:00
openvas
openvas
SuSE Update for php4,php5 SUSE-SA:2007:032
2009-01-28 00:00:00
seebug
seebug
Mac OS X 2007-007更新修复多个安全漏洞
2007-08-02 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
7.3 High
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.5%
Related for RH:CVE-2007-1460