Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2007-1452
cve-2007-1452
php
web security
input filtering
application vulnerability
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.5 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
66.2%
The FDF support (ext/fdf) in PHP 5.2.0 and earlier does not implement the input filtering hooks for ext/filter, which allows remote attackers to bypass web site filters via an application/vnd.fdf formatted POST.
Affected configurations
Node
phpphpMatch5.0rc1
ORphpphpMatch5.0rc2
ORphpphpMatch5.0rc3
ORphpphpMatch5.0.0
ORphpphpMatch5.0.1
ORphpphpMatch5.0.2
ORphpphpMatch5.0.3
ORphpphpMatch5.0.4
ORphpphpMatch5.0.5
ORphpphpMatch5.1.0
ORphpphpMatch5.1.1
ORphpphpMatch5.1.2
ORphpphpMatch5.1.3
ORphpphpMatch5.1.4
ORphpphpMatch5.1.5
ORphpphpMatch5.1.6
ORphpphpMatch5.2.0
Related
cvelist
cvelist
CVE-2007-1452
2022-10-03 16:14:26
redhatcve
redhatcve
CVE-2007-1452
2015-10-30 10:20:05
nvd
nvd
CVE-2007-1452
2007-03-14 18:19:00
prion
prion
Input validation
2007-03-14 18:19:00
ubuntucve
ubuntucve
CVE-2007-1452
2007-03-14 00:00:00
securityvulns
securityvulns
PHP CDFP extension cpdf_open information leak
2007-03-10 00:00:00
openvas
openvas
PHP < 5.2.1 Multiple Vulnerabilities
2012-06-21 00:00:00
PHP < 5.2.1 Multiple Vulnerabilities
2020-08-17 00:00:00
nessus
nessus
PHP < 5.2.1 Multiple Vulnerabilities
2007-04-02 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.5 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
66.2%
Related for CVE-2007-1452