Lucene search
Ubuntu.comUB:CVE-2007-0908HistoryFeb 13, 2007 - 12:00 a.m.
CVE-2007-0908
2007-02-1300:00:00
ubuntu.com
ubuntu.com
8
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.013 Low
EPSS
Percentile
85.6%
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4
before 4.4.5 does not properly initialize the key_length variable for a
numerical key, which allows context-dependent attackers to read stack
memory via a wddxPacket element that contains a variable with a string name
before a numerical variable.
Related
prion
prion
Design/Logic Flaw
2007-02-13 23:28:00
cve
cve
CVE-2007-0908
2007-02-13 23:28:00
veracode
veracode
Information Disclosure
2020-04-10 00:16:36
securityvulns
securityvulns
Multiple PHP vulnerabilities
2007-02-15 00:00:00
nessus
nessus
Ubuntu 5.10 / 6.06 LTS / 6.10 : php5 vulnerabilities (USN-424-1)
2007-11-10 00:00:00
Slackware 10.2 / 11.0 : php (SSA:2007-053-01)
2007-02-23 00:00:00
Fedora Core 5 : php-5.1.6-1.4 (2007-287)
2007-02-27 00:00:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: php-5.1.6-3.4.fc6
2007-02-21 04:17:27
[SECURITY] Fedora Core 5 Update: php-5.1.6-1.4
2007-02-26 22:09:19
[SECURITY] Fedora Core 5 Update: php-5.1.6-1.5
2007-04-18 22:42:03
openvas
openvas
Ubuntu: Security Advisory (USN-424-2)
2009-03-23 00:00:00
Mandriva Update for php MDKSA-2007:048 (php)
2009-04-09 00:00:00
PHP <= 4.4.4 / 5.0 <= 5.2.0 Multiple Vulnerabilities
2010-04-23 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2007-02-22 00:00:00
PHP regression
2007-03-08 00:00:00
osv
osv
php4
2007-03-07 00:00:00
slackware
slackware
[slackware-security] php
2007-02-23 07:28:01
freebsd
freebsd
php -- multiple vulnerabilities
2007-02-09 00:00:00
debian
debian
[SECURITY] [DSA 1264-1] New php4 packages fix several vulnerabilities
2007-03-07 22:04:16
suse
suse
remote code execution in php4,php5
2007-03-15 12:12:23
redhat
redhat
(RHSA-2007:0081) Important: php security update
2007-02-21 00:00:00
(RHSA-2007:0076) Important: php security update
2007-02-19 00:00:00
(RHSA-2007:0088) Important: php security update
2007-02-22 00:00:00
oraclelinux
oraclelinux
Important: php security update
2007-02-19 00:00:00
Important: php security update
2007-06-26 00:00:00
centos
centos
php security update
2007-02-25 06:02:10
php security update
2007-02-19 21:40:07
gentoo
gentoo
PHP: Multiple vulnerabilities
2007-03-20 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.013 Low
EPSS
Percentile
85.6%
Related for UB:CVE-2007-0908