Lucene search
MitreCVE-2007-5447HistoryOct 14, 2007 - 6:17 p.m.
CVE-2007-5447
2007-10-1418:17:00
CWE-264
mitre
web.nvd.nist.gov
31
cve-2007-5447
ioncube loader
php
security
file reading
bypass restrictions
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
9.7
Confidence
High
EPSS
0.005
Percentile
76.6%
ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by reading arbitrary files via the ioncube_read_file function.
Affected configurations
Node
ioncubephp_encoderMatch6.5
ORphpphpMatch5.2.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ioncube | php_encoder | 6.5 | cpe:2.3:a:ioncube:php_encoder:6.5:*:*:*:*:*:*:* |
| php | php | 5.2.4 | cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
nvd
nvd
CVE-2007-5447
2007-10-14 18:17:00
cvelist
cvelist
CVE-2007-5447
2007-10-14 18:00:00
prion
prion
Design/Logic Flaw
2007-10-14 18:17:00
openvas
openvas
PHP < 5.2.5 Multiple Vulnerabilities
2020-08-17 00:00:00
PHP < 5.2.5 Multiple Vulnerabilities
2012-06-21 00:00:00
nessus
nessus
PHP < 5.2.5 Multiple Vulnerabilities
2007-11-12 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
9.7
Confidence
High
EPSS
0.005
Percentile
76.6%
Related for CVE-2007-5447