Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2007-5653
HistoryOct 30, 2015 - 9:50 a.m.

CVE-2007-5653

2015-10-3009:50:21
redhat.com
access.redhat.com
9

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.007

Percentile

81.3%

JSON

The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the corresponding ActiveX control Compatibility Flags, executing programs via a function in compatUI.dll, invoking wscript.shell via wscript.exe, invoking Scripting.FileSystemObject via wshom.ocx, and adding users via a function in shgina.dll, related to the com_load_typelib function.

Related

cve 1
cvelist 1
nvd 1
prion 1
openvas 2
nessus 1
cve
cve
CVE-2007-5653
2007-10-23 21:47:00
cvelist
cvelist
CVE-2007-5653
2007-10-23 21:00:00
nvd
nvd
CVE-2007-5653
2007-10-23 21:47:00
prion
prion
Design/Logic Flaw
2007-10-23 21:47:00
openvas
openvas
PHP < 5.2.5 Multiple Vulnerabilities
2020-08-17 00:00:00
PHP < 5.2.5 Multiple Vulnerabilities
2012-06-21 00:00:00
nessus
nessus
PHP < 5.2.5 Multiple Vulnerabilities
2007-11-12 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.007

Percentile

81.3%

JSON
Related for RH:CVE-2007-5653
cve1cvelist1nvd1prion1openvas2nessus1