Lucene search

K

MitreCVELIST:CVE-2007-3806

HistoryJul 17, 2007 - 12:00 a.m.

CVE-2007-3806

2007-07-1700:00:00

mitre

www.cve.org

7.5 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.9%

The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter, probably related to memory corruption or an invalid read on win32 platforms, and possibly related to lack of initialization for a glob structure.

References

cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.166&r2=1.167

cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?view=log

osvdb.org/36085

secunia.com/advisories/26085

secunia.com/advisories/26642

secunia.com/advisories/27102

secunia.com/advisories/30158

secunia.com/advisories/30288

www.debian.org/security/2008/dsa-1572

www.debian.org/security/2008/dsa-1578

www.exploit-db.com/exploits/4181

www.gentoo.org/security/en/glsa/glsa-200710-02.xml

www.php.net/ChangeLog-5.php#5.2.4

www.php.net/releases/5_2_4.php

www.securityfocus.com/bid/24922

www.securityfocus.com/bid/25498

www.vupen.com/english/advisories/2007/2547

exchange.xforce.ibmcloud.com/vulnerabilities/35437

7.5 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

87.9%

Related for CVELIST:CVE-2007-3806

redhatcve1 seebug1 cve1 prion1 ubuntucve1 nvd1 openvas10 osv2 nessus5 debian2 freebsd1 gentoo1