Lucene search

[email protected]CVE-2007-1381

HistoryMar 10, 2007 - 12:19 a.m.

CVE-2007-1381

2007-03-1000:19:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-1381

php 5

wddx_deserialize

buffer overflow

nvd

security vulnerability

7.8 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.2%

JSON

The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and 1.119.2.10.2.13 in PHP 5, as modified in CVS on 20070224 and fixed on 20070304, calls strlcpy where strlcat was intended and uses improper arguments, which allows context-dependent attackers to execute arbitrary code via a WDDX packet with a malformed overlap of a STRING element, which triggers a buffer overflow.

CPENameOperatorVersion
php:phpphpeq5.0.0

CPE	Name	Operator	Version
php:php	php	eq	5.0.0

References

cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?r1=1.119.2.10.2.13&r2=1.119.2.10.2.14

cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?revision=1.119.2.10.2.14&view=markup

www.osvdb.org/32775

www.php-security.org/MOPB/MOPB-09-2007.html

7.8 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.2%

JSON

Related for CVE-2007-1381

prion1 ubuntucve1 redhatcve1 securityvulns1 openvas2 nessus1