Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2007-1700

Опубликовано: 27 мар. 2007
Источник: debian
EPSS Низкий

Описание

The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the session_register after unsetting HTTP_SESSION_VARS and _SESSION, which destroys the session data Hashtable.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
php5fixed5.2.0-9package
php4fixed6:4.4.4-9package
php5fixed5.2.0-8+etch1etchpackage
php4fixed6:4.4.4-8+etch1etchpackage
php4fixed4:4.3.10-21sargepackage

Примечания

  • This was fixed as a side-effect of previous security fixes, noting the

  • status as of DSA-1286 as fixed version. likewise the oldstable

  • version was fixed.

EPSS

Процентиль: 87%
0.03308
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2007-1700

ubuntu
больше 18 лет назад

The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the session_register after unsetting HTTP_SESSION_VARS and _SESSION, which destroys the session data Hashtable.

nvd логотип

CVE-2007-1700

nvd
больше 18 лет назад

The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the session_register after unsetting HTTP_SESSION_VARS and _SESSION, which destroys the session data Hashtable.

github логотип

GHSA-2966-gh5h-j633

github
около 3 лет назад

The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the session_register after unsetting HTTP_SESSION_VARS and _SESSION, which destroys the session data Hashtable.

EPSS

Процентиль: 87%
0.03308
Низкий