CVE-2007-0975

2007-02-1601:00:00

mitre

www.cve.org

6.5 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.1%

JSON

Variable extraction vulnerability in Ian Bezanson Apache Stats before 0.0.3 beta allows attackers to overwrite critical variables, with unknown impact, when the extract function is used on the _REQUEST superglobal array.

References

sourceforge.net/forum/forum.php?forum_id=660919

superb-east.dl.sourceforge.net/sourceforge/apachestats/apacheStats_0.0.3Beta.tar.bz2

www.vupen.com/english/advisories/2007/0598