Lucene search

PRIOn knowledge basePRION:CVE-2007-1777

HistoryMar 30, 2007 - 1:19 a.m.

Integer overflow

2007-03-3001:19:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.223 Low

EPSS

Percentile

96.4%

JSON

Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 allows remote attackers to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overflow.

CPENameOperatorVersion
phpeq4.3.9
phpeq3.0
phpeq3.0.5
phpeq3.0.11
phpeq4.2.0
phpeq3.0.1
phpeq3.0.2
phpeq4.4.4
phpeq4.1.0
phpeq4.3.4

Name	Operator	Version
php	eq	4.3.9
php	eq	3.0
php	eq	3.0.5
php	eq	3.0.11
php	eq	4.2.0
php	eq	3.0.1
php	eq	3.0.2
php	eq	4.4.4
php	eq	4.1.0
php	eq	4.3.4

Rows per page:

1-10 of 591

References

secunia.com/advisories/25025

secunia.com/advisories/25062

www.debian.org/security/2007/dsa-1282

www.debian.org/security/2007/dsa-1283

www.mandriva.com/security/advisories?name=MDVSA-2008:130

www.php-security.org/MOPB/MOPB-35-2007.html

www.securityfocus.com/bid/23169

exchange.xforce.ibmcloud.com/vulnerabilities/33652

8.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.223 Low

EPSS

Percentile

96.4%

JSON

Related for PRION:CVE-2007-1777