Lucene search

K

[email protected]CVE-2007-0909

HistoryFeb 13, 2007 - 11:28 p.m.

CVE-2007-0909

2007-02-1323:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

61

cve-2007-0909

php

format string vulnerabilities

arbitrary code execution

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.2%

Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.

CPENameOperatorVersion
php:phpphpeq4.3.9
php:phpphpeq3.0
php:phpphpeq3.0.5
php:phpphpeq3.0.11
php:phpphpeq5.1.5
php:phpphpeq5.1.2
php:phpphpeq4.2.0
php:phpphpeq5.1.1
php:phpphpeq3.0.1
php:phpphpeq3.0.2

Rows per page:

1-10 of 691

References

ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc

lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html

osvdb.org/32764

osvdb.org/32765

rhn.redhat.com/errata/RHSA-2007-0089.html

secunia.com/advisories/24089

secunia.com/advisories/24195

secunia.com/advisories/24217

secunia.com/advisories/24236

secunia.com/advisories/24248

secunia.com/advisories/24284

secunia.com/advisories/24295

secunia.com/advisories/24322

secunia.com/advisories/24419

secunia.com/advisories/24421

secunia.com/advisories/24432

secunia.com/advisories/24514

secunia.com/advisories/24606

secunia.com/advisories/24642

security.gentoo.org/glsa/glsa-200703-21.xml

support.avaya.com/elmodocs2/security/ASA-2007-101.htm

support.avaya.com/elmodocs2/security/ASA-2007-136.htm

www.mandriva.com/security/advisories?name=MDKSA-2007:048

www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html

www.php.net/ChangeLog-5.php#5.2.1

www.php.net/releases/5_2_1.php

www.redhat.com/support/errata/RHSA-2007-0076.html

www.redhat.com/support/errata/RHSA-2007-0081.html

www.redhat.com/support/errata/RHSA-2007-0082.html

www.redhat.com/support/errata/RHSA-2007-0088.html

www.securityfocus.com/archive/1/461462/100/0/threaded

www.securityfocus.com/bid/22496

www.securitytracker.com/id?1017671

www.trustix.org/errata/2007/0009/

www.ubuntu.com/usn/usn-424-1

www.ubuntu.com/usn/usn-424-2

www.us.debian.org/security/2007/dsa-1264

www.vupen.com/english/advisories/2007/0546

issues.rpath.com/browse/RPL-1088

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9722

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.2%

Related for CVE-2007-0909

prion1 veracode1 ubuntucve1 securityvulns1 nessus18 fedora4 openvas19 ubuntu2 osv1 slackware1 freebsd1 debian1 suse1 redhat4 oraclelinux2 centos2 gentoo1