Lucene search

[email protected]CVE-2007-5900

HistoryNov 20, 2007 - 6:46 p.m.

CVE-2007-5900

2007-11-2018:46:00

CWE-264

[email protected]

web.nvd.nist.gov

php

cve-2007-5900

configuration

security bypass

nvd

6.1 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

14.3%

JSON

PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than CVE-2006-4625.

CPENameOperatorVersion
php:phpphple5.2.4

CPE	Name	Operator	Version
php:php	php	le	5.2.4

References

bugs.php.net/bug.php?id=41561

secunia.com/advisories/27648

secunia.com/advisories/27659

secunia.com/advisories/30040

securitytracker.com/id?1018934

wiki.rpath.com/wiki/Advisories:rPSA-2007-0242

www.php.net/ChangeLog-5.php#5.2.5

www.php.net/releases/5_2_5.php

www.securityfocus.com/archive/1/491693/100/0/threaded

issues.rpath.com/browse/RPL-1943

6.1 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

14.3%

JSON

Related for CVE-2007-5900

ubuntucve2 prion1 securityvulns3 openvas14 packetstorm1 cve1 nessus9 suse1 ubuntu2