Lucene search

Redhat.comRH:CVE-2007-2844

HistoryOct 30, 2015 - 9:26 a.m.

CVE-2007-2844

2015-10-3009:26:48

redhat.com

access.redhat.com

7.5 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.03 Low

EPSS

Percentile

90.9%

JSON

PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access.

References

bugzilla.redhat.com/show_bug.cgi?id=241641

nvd.nist.gov/vuln/detail/CVE-2007-2844

www.cve.org/CVERecord?id=CVE-2007-2844

7.5 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.03 Low

EPSS

Percentile

90.9%

JSON

Related for RH:CVE-2007-2844