Lucene search
Redhat.comRH:CVE-2007-1461HistoryOct 30, 2015 - 9:47 a.m.
CVE-2007-1461
2015-10-3009:47:55
redhat.com
access.redhat.com
3
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
7.3 High
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.5%
The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before 5.2.2, does not implement safemode or open_basedir checks, which allows remote attackers to read bzip2 archives located outside of the intended directories.
Related
securityvulns
securityvulns
PHP compress.bzip2:// URL safe mode protection bypass
2007-03-17 00:00:00
cve
cve
CVE-2007-1461
2007-03-14 18:19:00
nvd
nvd
CVE-2007-1461
2007-03-14 18:19:00
prion
prion
Code injection
2007-03-14 18:19:00
ubuntucve
ubuntucve
CVE-2007-1461
2007-03-14 00:00:00
cvelist
cvelist
CVE-2007-1461
2007-03-14 18:00:00
nessus
nessus
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 3290)
2007-12-13 00:00:00
openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-3289)
2007-10-17 00:00:00
PHP < 4.4.7 / 5.2.2 Multiple Vulnerabilities
2007-05-04 00:00:00
openvas
openvas
SLES9: Security update for PHP4
2009-10-10 00:00:00
SLES9: Security update for PHP4
2009-10-10 00:00:00
SuSE Update for php4,php5 SUSE-SA:2007:032
2009-01-28 00:00:00
suse
suse
remote code execution in php4,php5
2007-05-23 13:16:49
seebug
seebug
Mac OS X 2007-007更新修复多个安全漏洞
2007-08-02 00:00:00
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
7.3 High
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.5%
Related for RH:CVE-2007-1461