Lucene search
MitreCVE-2007-5984HistoryNov 15, 2007 - 12:46 a.m.
CVE-2007-5984
2007-11-1500:46:00
CWE-20
mitre
web.nvd.nist.gov
20
cve-2007-5984
url.php
justin hagstrom
autoindex
php script
denial of service
cpu
memory consumption
nvd
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
6.7
Confidence
High
EPSS
0.082
Percentile
94.4%
classes/Url.php in Justin Hagstrom AutoIndex PHP Script before 2.2.4 allows remote attackers to cause a denial of service (CPU and memory consumption) via a %00 sequence in the dir parameter to index.php, which triggers an erroneous “recursive calculation.”
Affected configurations
Node
justin_hagstromautoindex_php_scriptMatch2.0.0
ORjustin_hagstromautoindex_php_scriptMatch2.0.1
ORjustin_hagstromautoindex_php_scriptMatch2.0.2
ORjustin_hagstromautoindex_php_scriptMatch2.0.3
ORjustin_hagstromautoindex_php_scriptMatch2.0.4
ORjustin_hagstromautoindex_php_scriptMatch2.0.5
ORjustin_hagstromautoindex_php_scriptMatch2.0.6
ORjustin_hagstromautoindex_php_scriptMatch2.0.7
ORjustin_hagstromautoindex_php_scriptMatch2.1.0
ORjustin_hagstromautoindex_php_scriptMatch2.1.1
ORjustin_hagstromautoindex_php_scriptMatch2.1.2
ORjustin_hagstromautoindex_php_scriptMatch2.2.0
ORjustin_hagstromautoindex_php_scriptMatch2.2.1
ORjustin_hagstromautoindex_php_scriptMatch2.2.2
ORjustin_hagstromautoindex_php_scriptMatch2.2.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| justin_hagstrom | autoindex_php_script | 2.0.0 | cpe:2.3:a:justin_hagstrom:autoindex_php_script:2.0.0:*:*:*:*:*:*:* |
| justin_hagstrom | autoindex_php_script | 2.0.1 | cpe:2.3:a:justin_hagstrom:autoindex_php_script:2.0.1:*:*:*:*:*:*:* |
| justin_hagstrom | autoindex_php_script | 2.0.2 | cpe:2.3:a:justin_hagstrom:autoindex_php_script:2.0.2:*:*:*:*:*:*:* |
| justin_hagstrom | autoindex_php_script | 2.0.3 | cpe:2.3:a:justin_hagstrom:autoindex_php_script:2.0.3:*:*:*:*:*:*:* |
| justin_hagstrom | autoindex_php_script | 2.0.4 | cpe:2.3:a:justin_hagstrom:autoindex_php_script:2.0.4:*:*:*:*:*:*:* |
| justin_hagstrom | autoindex_php_script | 2.0.5 | cpe:2.3:a:justin_hagstrom:autoindex_php_script:2.0.5:*:*:*:*:*:*:* |
| justin_hagstrom | autoindex_php_script | 2.0.6 | cpe:2.3:a:justin_hagstrom:autoindex_php_script:2.0.6:*:*:*:*:*:*:* |
| justin_hagstrom | autoindex_php_script | 2.0.7 | cpe:2.3:a:justin_hagstrom:autoindex_php_script:2.0.7:*:*:*:*:*:*:* |
| justin_hagstrom | autoindex_php_script | 2.1.0 | cpe:2.3:a:justin_hagstrom:autoindex_php_script:2.1.0:*:*:*:*:*:*:* |
| justin_hagstrom | autoindex_php_script | 2.1.1 | cpe:2.3:a:justin_hagstrom:autoindex_php_script:2.1.1:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2007-5984
2007-11-15 00:46:00
cvelist
cvelist
CVE-2007-5984
2007-11-15 00:00:00
prion
prion
Design/Logic Flaw
2007-11-15 00:46:00
exploitdb
exploitdb
AutoIndex PHP Script 2.2.2/2.2.3 - 'index.php' Denial of Service
2007-11-12 00:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
6.7
Confidence
High
EPSS
0.082
Percentile
94.4%
Related for CVE-2007-5984