Lucene search
Ubuntu.comUB:CVE-2007-1380HistoryMar 10, 2007 - 12:00 a.m.
CVE-2007-1380
2007-03-1000:00:00
ubuntu.com
ubuntu.com
7
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.018 Low
EPSS
Percentile
87.9%
The php_binary serialization handler in the session extension in PHP before
4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain
sensitive information (memory contents) via a serialized variable entry
with a large length value, which triggers a buffer over-read.
Related
cve
cve
CVE-2007-1380
2007-03-10 00:19:00
prion
prion
Buffer overflow
2007-03-10 00:19:00
openvas
openvas
PHP PHP_Binary Heap Information Leak Vulnerability
2010-04-23 00:00:00
Debian Security Advisory DSA 1282-1 (php4)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1282-1)
2008-01-17 00:00:00
securityvulns
securityvulns
PHP php_binary / WDDX information leak
2007-03-06 00:00:00
debian
debian
[SECURITY] [DSA 1282-1] New php4 packages fix several vulnerabilities
2007-04-26 18:23:29
[SECURITY] [DSA 1283-1] New php5 packages fix several vulnerabilities
2007-04-29 20:16:06
nessus
nessus
Debian DSA-1282-1 : php4 - several vulnerabilities
2007-04-30 00:00:00
Mandrake Linux Security Advisory : php (MDKSA-2007:048)
2007-02-23 00:00:00
Oracle Linux 3 / 4 : php (ELSA-2007-0076)
2013-07-12 00:00:00
suse
suse
remote code execution in php4,php5
2007-03-15 12:12:23
remote code execution in php4,php5
2007-05-23 13:16:49
redhat
redhat
(RHSA-2007:0076) Important: php security update
2007-02-19 00:00:00
(RHSA-2007:0088) Important: php security update
2007-02-22 00:00:00
(RHSA-2007:0081) Important: php security update
2007-02-21 00:00:00
centos
centos
php security update
2007-02-19 21:40:07
php security update
2007-02-25 06:02:10
oraclelinux
oraclelinux
Important: php security update
2007-02-19 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2007-04-27 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2007-03-20 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.018 Low
EPSS
Percentile
87.9%
Related for UB:CVE-2007-1380