Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2007-6039
HistoryNov 20, 2007 - 12:00 a.m.

CVE-2007-6039

2007-11-2000:00:00
ubuntu.com
ubuntu.com
4

0.001 Low

EPSS

Percentile

43.2%

JSON

PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial
of service (application crash) via a long string in (1) the domain
parameter to the dgettext function, the message parameter to the (2)
dcgettext or (3) gettext function, the msgid1 parameter to the (4)
dngettext or (5) ngettext function, or (6) the classname parameter to the
stream_wrapper_register function. NOTE: this might not be a vulnerability
in most web server environments that support multiple threads, unless this
issue can be demonstrated for code execution.

Notes

Author Note
jdstrand arguments to functions in question should be under control of the script author, so not security-sensitive also shouldn’t affect multi-threaded environments

Related

cve 1
prion 1
redhatcve 1
cvelist 1
openvas 2
nessus 1
cve
cve
CVE-2007-6039
2007-11-20 19:46:00
prion
prion
Design/Logic Flaw
2007-11-20 19:46:00
redhatcve
redhatcve
CVE-2007-6039
2015-10-30 09:51:00
cvelist
cvelist
CVE-2007-6039
2007-11-20 19:00:00
openvas
openvas
PHP < 5.2.6 Multiple Vulnerabilities
2012-06-21 00:00:00
PHP < 5.2.6 Multiple Vulnerabilities
2020-08-17 00:00:00
nessus
nessus
PHP < 5.2.6 Multiple Vulnerabilities
2008-05-02 00:00:00

0.001 Low

EPSS

Percentile

43.2%

JSON
Related for UB:CVE-2007-6039
cve1prion1redhatcve1cvelist1openvas2nessus1