Lucene search
HistoryMar 24, 2007 - 12:19 a.m.
CVE-2007-1649
php
5.2.1
heap memory
attackers
serialized data
nvd
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
9.3 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.8%
PHP 5.2.1 allows context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with S:, which does not properly track the number of input bytes being processed.
Affected configurations
Node
phpphpMatch5.2.1
Related
prion
prion
Input validation
2007-03-24 00:19:00
openvas
openvas
PHP < 5.2.2 Security Vulnerability
2012-06-21 00:00:00
PHP < 5.2.2 'CVE-2007-1649' Vulnerability
2020-08-17 00:00:00
Mandriva Update for php MDVSA-2008:126 (php)
2009-04-09 00:00:00
ubuntucve
ubuntucve
CVE-2007-1649
2007-03-24 00:00:00
securityvulns
securityvulns
PHP unserialize() function information leak
2007-03-25 00:00:00
nvd
nvd
CVE-2007-1649
2007-03-24 00:19:00
cvelist
cvelist
CVE-2007-1649
2007-03-24 00:00:00
redhatcve
redhatcve
CVE-2007-1649
2015-10-30 10:22:12
nessus
nessus
PHP 5.x < 5.2.2 Multiple vulnerabilities
2012-01-11 00:00:00
Mandriva Linux Security Advisory : php (MDVSA-2008:126)
2009-04-23 00:00:00
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
9.3 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.8%
Related for CVE-2007-1649