Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2015/10/30 9:47 a.m.20 views

CVE-2007-1461

The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before 5.2.2, does not implement safemode or openbasedir checks, which allows remote attackers to read bzip2 archives located outside of the intended directories...

7.8CVSS7.3AI score0.02202EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.43 views

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-3289)

This Update fixes numerous vulnerabilities in PHP. Most of them were made public during the 'Month of PHP Bugs'. The vulnerabilities potentially lead to crashes, information leaks or even execution of malicious code. CVE-2007-1380, CVE-2007-0988, CVE-2007-1375, CVE-2007-1454 CVE-2007-1453,...

7.8CVSS5.5AI score0.10028EPSS
Exploits12References18
Tenable Nessus
Tenable Nessus
added 2007/08/02 12:0 a.m.83 views

Mac OS X Multiple Vulnerabilities (Security Update 2007-007)

The remote host is running a version of Mac OS X 10.4 or 10.3 which does not have the security update 2007-007 applied. This update contains several security fixes for the following programs : - bzip2 - CFNetwork - CoreAudio - cscope - gnuzip - iChat - Kerberos - mDNSResponder - PDFKit - PHP -...

10CVSS8AI score0.90768EPSS
Exploits56References45
CVE
CVE
added 2007/03/14 6:0 p.m.83 views

CVE-2007-1461

The CVE-2007-1461 issue concerns the PHP bz2 extension’s compress.bzip2:// wrapper, which before PHP 4.4.7 and before PHP 5.2.2 does not enforce safemode or open_basedir restrictions, enabling remote attackers to read bzip2 archives outside the intended directories. Affected versions: PHP 4.x pri...

7.8CVSS7.4AI score0.02202EPSS
Exploits1References11Affected Software1
Rows per page
Query Builder