CVE-2007-0906

CVSS V2 High 7.5 CVSS V3 None

Description

Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825).

Overview

CVE ID
CVE-2007-0906

Assigner
cve@mitre.org

Vulnerability Status
Modified

Published Version
2007-02-13T23:28:00

Last Modified Date
2018-10-30T16:25:35

Weakness Enumerations

CWE	URL
CWE-119	http://cwe.mitre.org/data/definitions/119.html

CPE Configuration (Product)

CPE	Vulnerable	Operator
cpe:2.3:a:php:php:3.0:::::::*	1	OR
cpe:2.3:a:php:php:3.0.1:::::::*	1	OR
cpe:2.3:a:php:php:3.0.2:::::::*	1	OR
cpe:2.3:a:php:php:3.0.3:::::::*	1	OR
cpe:2.3:a:php:php:3.0.4:::::::*	1	OR
cpe:2.3:a:php:php:3.0.5:::::::*	1	OR
cpe:2.3:a:php:php:3.0.6:::::::*	1	OR
cpe:2.3:a:php:php:3.0.7:::::::*	1	OR
cpe:2.3:a:php:php:3.0.8:::::::*	1	OR
cpe:2.3:a:php:php:3.0.9:::::::*	1	OR
cpe:2.3:a:php:php:3.0.10:::::::*	1	OR
cpe:2.3:a:php:php:3.0.11:::::::*	1	OR
cpe:2.3:a:php:php:3.0.12:::::::*	1	OR
cpe:2.3:a:php:php:3.0.13:::::::*	1	OR
cpe:2.3:a:php:php:3.0.14:::::::*	1	OR
cpe:2.3:a:php:php:3.0.15:::::::*	1	OR
cpe:2.3:a:php:php:3.0.16:::::::*	1	OR
cpe:2.3:a:php:php:3.0.17:::::::*	1	OR
cpe:2.3:a:php:php:3.0.18:::::::*	1	OR
cpe:2.3:a:php:php:4.0:::::::*	1	OR
cpe:2.3:a:php:php:4.0.1:::::::*	1	OR
cpe:2.3:a:php:php:4.0.1:patch1::::::	1	OR
cpe:2.3:a:php:php:4.0.1:patch2::::::	1	OR
cpe:2.3:a:php:php:4.0.2:::::::*	1	OR
cpe:2.3:a:php:php:4.0.3:::::::*	1	OR
cpe:2.3:a:php:php:4.0.3:patch1::::::	1	OR
cpe:2.3:a:php:php:4.0.4:::::::*	1	OR
cpe:2.3:a:php:php:4.0.5:::::::*	1	OR
cpe:2.3:a:php:php:4.0.6:::::::*	1	OR
cpe:2.3:a:php:php:4.0.7:::::::*	1	OR
cpe:2.3:a:php:php:4.0.7:rc1::::::	1	OR
cpe:2.3:a:php:php:4.0.7:rc2::::::	1	OR
cpe:2.3:a:php:php:4.0.7:rc3::::::	1	OR
cpe:2.3:a:php:php:4.1.0:::::::*	1	OR
cpe:2.3:a:php:php:4.1.1:::::::*	1	OR
cpe:2.3:a:php:php:4.1.2:::::::*	1	OR
cpe:2.3:a:php:php:4.2::dev:::::	1	OR
cpe:2.3:a:php:php:4.2.0:::::::*	1	OR
cpe:2.3:a:php:php:4.2.1:::::::*	1	OR
cpe:2.3:a:php:php:4.2.2:::::::*	1	OR
cpe:2.3:a:php:php:4.2.3:::::::*	1	OR
cpe:2.3:a:php:php:4.3.0:::::::*	1	OR
cpe:2.3:a:php:php:4.3.1:::::::*	1	OR
cpe:2.3:a:php:php:4.3.2:::::::*	1	OR
cpe:2.3:a:php:php:4.3.3:::::::*	1	OR
cpe:2.3:a:php:php:4.3.4:::::::*	1	OR
cpe:2.3:a:php:php:4.3.5:::::::*	1	OR
cpe:2.3:a:php:php:4.3.6:::::::*	1	OR
cpe:2.3:a:php:php:4.3.7:::::::*	1	OR
cpe:2.3:a:php:php:4.3.8:::::::*	1	OR
cpe:2.3:a:php:php:4.3.9:::::::*	1	OR
cpe:2.3:a:php:php:4.3.10:::::::*	1	OR
cpe:2.3:a:php:php:4.3.11:::::::*	1	OR
cpe:2.3:a:php:php:4.4.0:::::::*	1	OR
cpe:2.3:a:php:php:4.4.1:::::::*	1	OR
cpe:2.3:a:php:php:4.4.2:::::::*	1	OR
cpe:2.3:a:php:php:4.4.3:::::::*	1	OR
cpe:2.3:a:php:php:4.4.4:::::::*	1	OR
cpe:2.3:a:php:php:5.0:rc1::::::	1	OR
cpe:2.3:a:php:php:5.0:rc2::::::	1	OR
cpe:2.3:a:php:php:5.0:rc3::::::	1	OR
cpe:2.3:a:php:php:5.0.0:::::::*	1	OR
cpe:2.3:a:php:php:5.0.1:::::::*	1	OR
cpe:2.3:a:php:php:5.0.2:::::::*	1	OR
cpe:2.3:a:php:php:5.0.3:::::::*	1	OR
cpe:2.3:a:php:php:5.0.4:::::::*	1	OR
cpe:2.3:a:php:php:5.0.5:::::::*	1	OR
cpe:2.3:a:php:php:5.1.0:::::::*	1	OR
cpe:2.3:a:php:php:5.1.1:::::::*	1	OR
cpe:2.3:a:php:php:5.1.2:::::::*	1	OR
cpe:2.3:a:php:php:5.1.3:::::::*	1	OR
cpe:2.3:a:php:php:5.1.4:::::::*	1	OR
cpe:2.3:a:php:php:5.1.5:::::::*	1	OR
cpe:2.3:a:php:php:5.1.6:::::::*	1	OR
cpe:2.3:a:php:php:5.2.0:::::::*	1	OR
cpe:2.3:o:trustix:secure_linux:2.2:::::::*	1	OR
cpe:2.3:o:trustix:secure_linux:3.0:::::::*	1	OR

CVSS Version 2

Version
2.0

Vector String
AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector
NETWORK

Access Compatibility
LOW

Authentication
NONE

Confidentiality Impact
PARTIAL

Integrity Impact
PARTIAL

Availability Impact
PARTIAL

Base Score
7.5

Severity
HIGH

Exploitability Score
10

Impact Score
6.4

References

Reference URL	Reference Tags
http://www.php.net/ChangeLog-5.php#5.2.1
http://www.php.net/releases/5_2_1.php
http://www.securityfocus.com/bid/22496	Patch
http://secunia.com/advisories/24089	Vendor Advisory
https://issues.rpath.com/browse/RPL-1088
http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm
http://www.us.debian.org/security/2007/dsa-1264
http://security.gentoo.org/glsa/glsa-200703-21.xml
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html
http://www.redhat.com/support/errata/RHSA-2007-0076.html
http://www.redhat.com/support/errata/RHSA-2007-0081.html	Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2007-0089.html	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-0088.html	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2007-0082.html	Vendor Advisory
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html
http://www.ubuntu.com/usn/usn-424-1
http://www.ubuntu.com/usn/usn-424-2
http://www.osvdb.org/32776
http://www.securitytracker.com/id?1017671
http://secunia.com/advisories/24195	Vendor Advisory
http://secunia.com/advisories/24217	Vendor Advisory
http://secunia.com/advisories/24248	Vendor Advisory
http://secunia.com/advisories/24236	Vendor Advisory
http://secunia.com/advisories/24295	Vendor Advisory
http://secunia.com/advisories/24322	Vendor Advisory
http://secunia.com/advisories/24432	Vendor Advisory
http://secunia.com/advisories/24421	Vendor Advisory
http://secunia.com/advisories/24514	Vendor Advisory
http://secunia.com/advisories/24606	Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm
http://secunia.com/advisories/24642	Vendor Advisory
https://issues.rpath.com/browse/RPL-1268
http://secunia.com/advisories/24945	Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:048
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
http://www.trustix.org/errata/2007/0009/
http://secunia.com/advisories/24284	Vendor Advisory
http://secunia.com/advisories/24419	Vendor Advisory
http://secunia.com/advisories/26048	Vendor Advisory
http://osvdb.org/34709
http://osvdb.org/34708
http://osvdb.org/34715
http://osvdb.org/34706
http://osvdb.org/34713
http://osvdb.org/34707
http://osvdb.org/34710
http://osvdb.org/34714
http://osvdb.org/34711
http://osvdb.org/34712
http://www.vupen.com/english/advisories/2007/0546
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8992
http://www.securityfocus.com/archive/1/466166/100/0/threaded
http://www.securityfocus.com/archive/1/461462/100/0/threaded

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2007-0906
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906

History

Created	Old Value	New Value	Data Type	Notes
2022-05-10 18:01:17				Added to TrackCVE