Lucene search

PRIOn knowledge basePRION:CVE-2007-1883

HistoryApr 06, 2007 - 1:19 a.m.

Design/Logic Flaw

2007-04-0601:19:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.004 Low

EPSS

Percentile

72.9%

JSON

PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain convert_to_* functions with its input parameters.

CPENameOperatorVersion
phpeq4.3.9
phpeq5.1.5
phpeq5.1.2
phpeq4.2.0
phpeq5.1.1
phpeq4.4.4
phpeq5.0.0 beta1
phpeq4.1.0
phpeq5.1.6
phpeq4.3.4

Name	Operator	Version
php	eq	4.3.9
php	eq	5.1.5
php	eq	5.1.2
php	eq	4.2.0
php	eq	5.1.1
php	eq	4.4.4
php	eq	5.0.0 beta1
php	eq	4.1.0
php	eq	5.1.6
php	eq	4.3.4

Rows per page:

1-10 of 671

References

secunia.com/advisories/24542

secunia.com/advisories/27102

www.gentoo.org/security/en/glsa/glsa-200710-02.xml

www.php-security.org/MOPB/MOPB-37-2007.html

exchange.xforce.ibmcloud.com/vulnerabilities/33750

6.6 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.004 Low

EPSS

Percentile

72.9%

JSON

Related for PRION:CVE-2007-1883