CVE-2007-1864

Опубликовано: 09 мая 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
Mailing List
Third Party Advisory
http://osvdb.org/34674
Broken Link
http://secunia.com/advisories/25187
Permissions Required
Third Party Advisory
http://secunia.com/advisories/25191
Permissions Required
Third Party Advisory
http://secunia.com/advisories/25255
Permissions Required
Third Party Advisory
http://secunia.com/advisories/25445
Permissions Required
Third Party Advisory
http://secunia.com/advisories/25660
Permissions Required
Third Party Advisory
http://secunia.com/advisories/25938
Permissions Required
Third Party Advisory
http://secunia.com/advisories/25945
Permissions Required
Third Party Advisory
http://secunia.com/advisories/26048
Permissions Required
Third Party Advisory
http://secunia.com/advisories/26102
Permissions Required
Third Party Advisory
http://secunia.com/advisories/27377
Permissions Required
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200705-19.xml
Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-231.htm
Third Party Advisory
http://us2.php.net/releases/4_4_7.php
Patch
Vendor Advisory
http://us2.php.net/releases/5_2_2.php
Patch
Vendor Advisory
http://www.debian.org/security/2007/dsa-1330
Third Party Advisory
http://www.debian.org/security/2007/dsa-1331
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:102
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:103
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Версия до 4.4.7 (исключая)

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Версия от 5.1.0 (включая) до 5.1.6 (включая)

cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Версия от 5.2.0 (включая) до 5.2.2 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05482

Низкий

7.5 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2007-1864

ubuntu

около 18 лет назад

Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.

CVE-2007-1864

redhat

больше 18 лет назад

Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.

CVE-2007-1864

debian

около 18 лет назад

Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, ...

GHSA-c645-h8hj-wvjj

github

больше 3 лет назад

Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.

ELSA-2007-0348

oracle-oval

около 18 лет назад

ELSA-2007-0348: Important: php security update (IMPORTANT)

EPSS

Процентиль: 90%

0.05482

Низкий

7.5 High

CVSS2

Дефекты

CWE-119