Vulnerability CVE-2007-0905


Published: 2007-02-13   Modified: 2012-02-12

Description:
PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383.

Type:

CWE-Other

Vendor: PHP
Product: PHP 
Version:
5.2.0
5.1.6
5.1.5
5.1.4
5.1.3
5.1.2
5.1.1
5.1.0
5.1
5.0.5
5.0.4
5.0.3
5.0.2
5.0.1
5.0.0
5.0
4.4.4
4.4.3
4.4.2
4.4.1
4.4.0
4.3.9
4.3.8
4.3.7
4.3.6
4.3.5
4.3.4
4.3.3
4.3.2
4.3.11
4.3.10
4.3.1
4.3.0
4.3
4.2.3
4.2.2
4.2.1
4.2.0
4.2
4.1.2
4.1.1
4.1.0
4.0.7
4.0.6
4.0.5
4.0.4
4.0.3
4.0.2
4.0.1
4.0
3.0.9
3.0.8
3.0.7
3.0.6
3.0.5
3.0.4
3.0.3
3.0.2
3.0.18
3.0.17
3.0.16
3.0.15
3.0.14
3.0.13
3.0.12
3.0.11
3.0.10
3.0.1
3.0
Vendor: Trustix
Product: Secure linux 
Version: 3.0; 2.2;

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html
http://www.php.net/ChangeLog-5.php#5.2.1
http://www.php.net/releases/5_2_1.php
http://www.securityfocus.com/bid/22496
http://www.trustix.org/errata/2007/0009/
http://www.vupen.com/english/advisories/2007/0546

Related CVE
CVE-2007-0907
Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function.
CVE-2007-0909
Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.
CVE-2007-0910
Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.
CVE-2007-0906
Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) s...
CVE-2005-3625
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and ...
CVE-2005-3626
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
CVE-2005-3624
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to int...
CVE-2005-3233
Multiple interpretation error in unspecified versions of Trustix Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opene...

Copyright 2019, cxsecurity.com

 

Back to Top