Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2007-2509
HistoryMay 09, 2007 - 12:19 a.m.

CVE-2007-2509

2007-05-0900:19:00
CWE-20
[email protected]
web.nvd.nist.gov
9

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

7.7

Confidence

High

EPSS

0.026

Percentile

90.4%

JSON

CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands.

Affected configurations

Nvd
Node
phpphpMatch4.0.0
OR
phpphpMatch4.0.1
OR
phpphpMatch4.0.1patch1
OR
phpphpMatch4.0.1patch2
OR
phpphpMatch4.0.2
OR
phpphpMatch4.0.3
OR
phpphpMatch4.0.3patch1
OR
phpphpMatch4.0.4
OR
phpphpMatch4.0.4patch1
OR
phpphpMatch4.0.5
OR
phpphpMatch4.0.6
OR
phpphpMatch4.0.7
OR
phpphpMatch4.0.7rc1
OR
phpphpMatch4.0.7rc2
OR
phpphpMatch4.0.7rc3
OR
phpphpMatch4.1.0
OR
phpphpMatch4.1.1
OR
phpphpMatch4.1.2
OR
phpphpMatch4.2.0
OR
phpphpMatch4.2.1
OR
phpphpMatch4.2.2
OR
phpphpMatch4.2.3
OR
phpphpMatch4.3.0
OR
phpphpMatch4.3.1
OR
phpphpMatch4.3.2
OR
phpphpMatch4.3.3
OR
phpphpMatch4.3.4
OR
phpphpMatch4.3.5
OR
phpphpMatch4.3.6
OR
phpphpMatch4.3.7
OR
phpphpMatch4.3.8
OR
phpphpMatch4.3.9
OR
phpphpMatch4.3.10
OR
phpphpMatch4.3.11
OR
phpphpMatch4.4.0
OR
phpphpMatch4.4.1
OR
phpphpMatch4.4.2
OR
phpphpMatch4.4.3
OR
phpphpMatch4.4.4
OR
phpphpMatch4.4.5
OR
phpphpMatch4.4.6
OR
phpphpMatch5.0rc1
OR
phpphpMatch5.0rc2
OR
phpphpMatch5.0rc3
OR
phpphpMatch5.0.0
OR
phpphpMatch5.0.1
OR
phpphpMatch5.0.2
OR
phpphpMatch5.0.3
OR
phpphpMatch5.0.4
OR
phpphpMatch5.0.5
OR
phpphpMatch5.1.0
OR
phpphpMatch5.1.1
OR
phpphpMatch5.1.2
OR
phpphpMatch5.1.3
OR
phpphpMatch5.1.4
OR
phpphpMatch5.1.5
OR
phpphpMatch5.1.6
OR
phpphpMatch5.2.0
OR
phpphpMatch5.2.1
VendorProductVersionCPE
phpphp4.0.0cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*
phpphp4.0.1cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*
phpphp4.0.1cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*
phpphp4.0.1cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*
phpphp4.0.2cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*
phpphp4.0.3cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*
phpphp4.0.3cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*
phpphp4.0.4cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*
phpphp4.0.4cpe:2.3:a:php:php:4.0.4:patch1:*:*:*:*:*:*
phpphp4.0.5cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*
Rows per page:
1-10 of 591

References

Related

prion 1
openvas 17
cve 1
ubuntucve 1
securityvulns 1
veracode 1
cvelist 1
nessus 23
debian 2
redhat 5
oraclelinux 3
centos 4
osv 1
fedora 2
ubuntu 1
f5 2
suse 1
gentoo 1
prion
prion
Crlf injection
2007-05-09 00:19:00
openvas
openvas
Debian: Security Advisory (DSA-1296-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1296-1 (php4)
2008-01-17 00:00:00
Debian Security Advisory DSA 1295-1 (php5)
2008-01-17 00:00:00
cve
cve
CVE-2007-2509
2007-05-09 00:19:00
ubuntucve
ubuntucve
CVE-2007-2509
2007-05-09 00:00:00
securityvulns
securityvulns
PHP FTP commans injection
2007-03-24 00:00:00
veracode
veracode
CRLF Injection
2020-04-10 00:17:46
cvelist
cvelist
CVE-2007-2509
2007-05-09 00:00:00
nessus
nessus
Debian DSA-1296-1 : php4 - missing input sanitising
2007-05-25 00:00:00
RHEL 4 : php (RHSA-2007:0349)
2007-05-10 00:00:00
Debian DSA-1295-1 : php5 - several vulnerabilities
2007-05-25 00:00:00
debian
debian
[SECURITY] [DSA 1296-1] New php4 packages fix privilege escalation
2007-05-21 17:42:19
[SECURITY] [DSA 1295-1] New php5 packages fix several vulnerabilities
2007-05-19 10:39:36
redhat
redhat
(RHSA-2007:0349) Important: php security update
2007-05-09 00:00:00
(RHSA-2007:0348) Important: php security update
2007-05-08 00:00:00
(RHSA-2007:0355) Important: php security update
2007-05-10 00:00:00
oraclelinux
oraclelinux
Important: php security update
2007-05-09 00:00:00
Moderate: php security update
2007-09-26 00:00:00
Important: php security update
2007-06-26 00:00:00
centos
centos
php security update
2007-05-09 15:32:48
php security update
2007-05-10 14:34:11
php security update
2007-10-24 03:08:58
osv
osv
php5
2007-05-19 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: php-5.1.6-3.6.fc6
2007-05-14 17:11:53
[SECURITY] Fedora Core 5 Update: php-5.1.6-1.6
2007-05-24 05:24:12
ubuntu
ubuntu
PHP vulnerabilities
2007-05-22 00:00:00
f5
f5
K7859 : Multiple PHP vulnerabilities
2013-03-19 00:00:00
SOL7859 - Multiple PHP vulnerabilities
2007-09-16 00:00:00
suse
suse
remote denial of service in php4,php5
2007-07-12 16:26:43
gentoo
gentoo
PHP: Multiple vulnerabilities
2007-05-26 00:00:00

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

7.7

Confidence

High

EPSS

0.026

Percentile

90.4%

JSON
Related for NVD:CVE-2007-2509
prion1openvas17cve1ubuntucve1securityvulns1veracode1cvelist1nessus23debian2redhat5oraclelinux3centos4osv1fedora2ubuntu1f52suse1gentoo1