4 matches found
CVE-2007-2728
The soap extension in PHP calls phprandr with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcryptcreateiv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid security issue...
CVE-2007-2727
The mcryptcreateiv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls phprandr with an uninitialized seed variable and therefore always generates the same initialization vector IV, which might allow context-dependent attackers to decrypt...
CVE-2007-2728
The soap extension in PHP calls phprandr with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcryptcreateiv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid security issue...
CVE-2007-2728
CVE-2007-2728 concerns the PHP soap extension calling php_rand_r with an uninitialized seed variable. The impact and attack vectors are not clearly defined in the provided documents; it is noted as related to CVE-2007-2727 and the PHP team argued it is not a valid security issue. No exploitation ...