Lucene search
HistoryApr 06, 2007 - 1:19 a.m.
CVE-2007-1890
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.008
Percentile
82.0%
Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1, on FreeBSD and possibly other platforms, allows context-dependent attackers to execute arbitrary code via certain maxsize values, as demonstrated by 0xffffffff.
Affected configurations
Node
phpphpMatch4.0.0
ORphpphpMatch4.0.1
ORphpphpMatch4.0.1patch1
ORphpphpMatch4.0.1patch2
ORphpphpMatch4.0.2
ORphpphpMatch4.0.3
ORphpphpMatch4.0.3patch1
ORphpphpMatch4.0.4
ORphpphpMatch4.0.4patch1
ORphpphpMatch4.0.5
ORphpphpMatch4.0.6
ORphpphpMatch4.0.7
ORphpphpMatch4.0.7rc1
ORphpphpMatch4.0.7rc2
ORphpphpMatch4.0.7rc3
ORphpphpMatch4.1.0
ORphpphpMatch4.1.1
ORphpphpMatch4.1.2
ORphpphpMatch4.2dev
ORphpphpMatch4.2.0
ORphpphpMatch4.2.1
ORphpphpMatch4.2.2
ORphpphpMatch4.2.3
ORphpphpMatch4.3.0
ORphpphpMatch4.3.1
ORphpphpMatch4.3.2
ORphpphpMatch4.3.3
ORphpphpMatch4.3.4
ORphpphpMatch4.3.5
ORphpphpMatch4.3.6
ORphpphpMatch4.3.7
ORphpphpMatch4.3.8
ORphpphpMatch4.3.9
ORphpphpMatch4.3.10
ORphpphpMatch4.3.11
ORphpphpMatch4.4.0
ORphpphpMatch4.4.1
ORphpphpMatch4.4.2
ORphpphpMatch4.4.3
ORphpphpMatch4.4.4
ORphpphpMatch5.0rc1
ORphpphpMatch5.0rc2
ORphpphpMatch5.0rc3
ORphpphpMatch5.0.0
ORphpphpMatch5.0.0beta1
ORphpphpMatch5.0.0beta2
ORphpphpMatch5.0.0beta3
ORphpphpMatch5.0.0beta4
ORphpphpMatch5.0.0rc1
ORphpphpMatch5.0.0rc2
ORphpphpMatch5.0.0rc3
ORphpphpMatch5.0.1
ORphpphpMatch5.0.2
ORphpphpMatch5.0.3
ORphpphpMatch5.0.4
ORphpphpMatch5.0.5
ORphpphpMatch5.1.0
ORphpphpMatch5.1.1
ORphpphpMatch5.1.2
ORphpphpMatch5.1.3
ORphpphpMatch5.1.4
ORphpphpMatch5.1.5
ORphpphpMatch5.1.6
ORphpphpMatch5.2.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| php | php | 4.0.0 | cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:* |
| php | php | 4.0.1 | cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:* |
| php | php | 4.0.1 | cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:* |
| php | php | 4.0.1 | cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:* |
| php | php | 4.0.2 | cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:* |
| php | php | 4.0.3 | cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:* |
| php | php | 4.0.3 | cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:* |
| php | php | 4.0.4 | cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:* |
| php | php | 4.0.4 | cpe:2.3:a:php:php:4.0.4:patch1:*:*:*:*:*:* |
| php | php | 4.0.5 | cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
PHP 5.1.6 - 'Msg_Receive()' Memory Allocation Integer Overflow
2007-03-31 00:00:00
cvelist
cvelist
CVE-2007-1890
2007-04-06 01:00:00
cve
cve
CVE-2007-1890
2007-04-06 01:19:00
prion
prion
Integer overflow
2007-04-06 01:19:00
ubuntucve
ubuntucve
CVE-2007-1890
2007-04-06 00:00:00
redhatcve
redhatcve
CVE-2007-1890
2015-10-30 09:37:00
securityvulns
securityvulns
PHP msg_receive() integer overflow
2007-04-08 00:00:00
nessus
nessus
PHP < 4.4.5 Multiple Vulnerabilities
2007-04-02 00:00:00
PHP < 5.2.1 Multiple Vulnerabilities
2007-04-02 00:00:00
openvas
openvas
PHP < 4.4.5 Multiple Vulnerabilities
2012-06-21 00:00:00
PHP < 4.4.5 Multiple Vulnerabilities
2020-08-17 00:00:00
PHP < 5.2.1 Multiple Vulnerabilities
2012-06-21 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.008
Percentile
82.0%
Related for NVD:CVE-2007-1890