Lucene search
Ubuntu.comUB:CVE-2007-5899HistoryNov 20, 2007 - 12:00 a.m.
CVE-2007-5899
2007-11-2000:00:00
ubuntu.com
ubuntu.com
10
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.012 Low
EPSS
Percentile
85.3%
The output_add_rewrite_var function in PHP before 5.2.5 rewrites local
forms in which the ACTION attribute references a non-local URL, which
allows remote attackers to obtain potentially sensitive information by
reading the requests for this URL, as demonstrated by a rewritten form
containing a local session ID.
Related
prion
prion
Design/Logic Flaw
2007-11-20 19:46:00
cve
cve
CVE-2007-5899
2007-11-20 19:46:00
veracode
veracode
Information Disclosure
2020-04-10 00:22:32
openvas
openvas
Fedora Update for php FEDORA-2008-3606
2009-02-17 00:00:00
Fedora Update for php FEDORA-2008-3606
2009-02-17 00:00:00
RedHat Update for php RHSA-2008:0545-01
2009-03-06 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: php-5.2.6-2.fc9
2008-06-20 19:09:41
[SECURITY] Fedora 9 Update: php-5.2.6-2.fc9
2008-07-26 06:03:23
[SECURITY] Fedora 8 Update: php-5.2.6-2.fc8
2008-06-20 19:08:56
nessus
nessus
Fedora 9 : php-5.2.6-2.fc9 (2008-3606)
2008-06-24 00:00:00
RHEL 3 / 5 : php (RHSA-2008:0544)
2008-07-16 00:00:00
RHEL 4 : php (RHSA-2008:0545)
2008-07-16 00:00:00
securityvulns
securityvulns
rPSA-2007-0242-1 php5 php5-cgi php5-mysql php5-pear php5-pgsql php5-soap php5-xsl
2007-11-20 00:00:00
PHP multiple Denial of Service conditions
2007-11-20 00:00:00
PHP multiple security vulnerabilities
2008-01-04 00:00:00
redhat
redhat
(RHSA-2008:0582) Moderate: php security update
2008-07-22 00:00:00
(RHSA-2008:0545) Moderate: php security and bug fix update
2008-07-16 00:00:00
(RHSA-2008:0544) Moderate: php security update
2008-07-16 00:00:00
oraclelinux
oraclelinux
php security and bug fix update
2008-07-16 00:00:00
php security update
2008-07-16 00:00:00
centos
centos
php security update
2008-07-16 16:15:51
php security update
2008-07-16 16:10:52
php security update
2008-07-18 05:00:21
debian
debian
[SECURITY] [DSA 1444-2] New php5 packages fix regression
2008-01-23 21:29:45
[SECURITY] [DSA 1444-1] New php5 packages fix several vulnerabilities
2008-01-03 20:25:59
osv
osv
php5 several issues
2008-01-23 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2008-07-23 00:00:00
PHP vulnerabilities
2007-11-29 00:00:00
PHP regression
2007-12-03 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.012 Low
EPSS
Percentile
85.3%
Related for UB:CVE-2007-5899