Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-4782
HistorySep 10, 2007 - 9:17 p.m.

CVE-2007-4782

2007-09-1021:17:00
CWE-94
[email protected]
web.nvd.nist.gov
37
php
cve-2007-4782
denial of service
glob function
fnmatch function

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.013 Low

EPSS

Percentile

85.8%

JSON

PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined characteristics, as demonstrated by a “*[1]e” value. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution.

CPENameOperatorVersion
php:phpphple5.2.3

References

Related

veracode 1
prion 2
ubuntucve 2
f5 2
debiancve 1
cve 1
nessus 18
centos 2
oraclelinux 2
redhat 4
openvas 24
fedora 1
ubuntu 1
suse 1
gentoo 1
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:22:29
prion
prion
Remote code execution
2007-09-10 21:17:00
Design/Logic Flaw
2011-04-08 15:17:00
ubuntucve
ubuntucve
CVE-2007-4782
2007-09-10 00:00:00
CVE-2011-1071
2011-04-08 00:00:00
f5
f5
K15885 : GNU C Library vulnerability CVE-2011-1071
2015-06-13 00:00:00
SOL15885 - GNU C Library vulnerability CVE-2011-1071
2014-11-27 00:00:00
debiancve
debiancve
CVE-2011-1071
2011-04-08 15:17:00
cve
cve
CVE-2011-1071
2011-04-08 15:17:00
nessus
nessus
F5 Networks BIG-IP : GNU C Library vulnerability (SOL15885)
2014-11-28 00:00:00
Scientific Linux Security Update : php on SL5.x i386/x86_64
2012-08-01 00:00:00
Scientific Linux Security Update : php on SL4.x i386/x86_64
2012-08-01 00:00:00
centos
centos
php security update
2008-07-16 16:15:51
php security update
2008-07-16 16:10:52
oraclelinux
oraclelinux
php security and bug fix update
2008-07-16 00:00:00
php security update
2008-07-16 00:00:00
redhat
redhat
(RHSA-2008:0544) Moderate: php security update
2008-07-16 00:00:00
(RHSA-2008:0582) Moderate: php security update
2008-07-22 00:00:00
(RHSA-2008:0545) Moderate: php security and bug fix update
2008-07-16 00:00:00
openvas
openvas
CentOS Update for php CESA-2008:0544 centos3 x86_64
2009-02-27 00:00:00
RedHat Update for php RHSA-2008:0545-01
2009-03-06 00:00:00
RedHat Update for php RHSA-2008:0544-01
2009-03-06 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: php-5.2.6-2.fc8
2008-06-20 19:08:56
ubuntu
ubuntu
PHP vulnerabilities
2008-07-23 00:00:00
suse
suse
remote code execution in php4, php5
2008-01-29 14:18:48
gentoo
gentoo
PHP: Multiple vulnerabilities
2007-10-07 00:00:00

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.013 Low

EPSS

Percentile

85.8%

JSON
Related for CVE-2007-4782
veracode1prion2ubuntucve2f52debiancve1cve1nessus18centos2oraclelinux2redhat4openvas24fedora1ubuntu1suse1gentoo1