cvelistv5 - cve-2007-3997

CVE-2007-3997 (GCVE-0-2007-3997)

Vulnerability from cvelistv5 – Published: 2007-09-04 18:00 – Updated: 2024-08-07 14:37

Summary

The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/26822	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2008/0059	vdb-entryx_refsource_VUPEN
	http://www.gentoo.org/security/en/glsa/glsa-20071…	vendor-advisoryx_refsource_GENTOO
	http://www.php.net/releases/4_4_8.php	x_refsource_CONFIRM
	http://www.php.net/ChangeLog-5.php#5.2.4	x_refsource_CONFIRM
	http://www.trustix.org/errata/2007/0026/	vendor-advisoryx_refsource_TRUSTIX
	https://issues.rpath.com/browse/RPL-1693	x_refsource_CONFIRM
	http://securityreason.com/securityalert/3102	third-party-advisoryx_refsource_SREASON
	http://secweb.se/en/advisories/php-mysql-safe-mod…	x_refsource_MISC
	https://issues.rpath.com/browse/RPL-1702	x_refsource_CONFIRM
	http://secunia.com/advisories/26838	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/27377	third-party-advisoryx_refsource_SECUNIA
	https://www.exploit-db.com/exploits/4392	exploitx_refsource_EXPLOIT-DB
	http://www.php.net/ChangeLog-4.php	x_refsource_CONFIRM
	http://secunia.com/advisories/27102	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/3023	vdb-entryx_refsource_VUPEN
	http://www.php.net/releases/5_2_4.php	x_refsource_CONFIRM
	http://secunia.com/advisories/28318	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/26642	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:37:06.033Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "php-localinfile-mysql-security-bypass(39402)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39402"
          },
          {
            "name": "26822",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26822"
          },
          {
            "name": "ADV-2008-0059",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0059"
          },
          {
            "name": "GLSA-200710-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/releases/4_4_8.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-5.php#5.2.4"
          },
          {
            "name": "2007-0026",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2007/0026/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1693"
          },
          {
            "name": "3102",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3102"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1702"
          },
          {
            "name": "26838",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26838"
          },
          {
            "name": "php-local-infile-security-bypass(36384)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36384"
          },
          {
            "name": "27377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27377"
          },
          {
            "name": "4392",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/4392"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-4.php"
          },
          {
            "name": "27102",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27102"
          },
          {
            "name": "ADV-2007-3023",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3023"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/releases/5_2_4.php"
          },
          {
            "name": "28318",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28318"
          },
          {
            "name": "26642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26642"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "php-localinfile-mysql-security-bypass(39402)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39402"
        },
        {
          "name": "26822",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26822"
        },
        {
          "name": "ADV-2008-0059",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0059"
        },
        {
          "name": "GLSA-200710-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/releases/4_4_8.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-5.php#5.2.4"
        },
        {
          "name": "2007-0026",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2007/0026/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1693"
        },
        {
          "name": "3102",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3102"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1702"
        },
        {
          "name": "26838",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26838"
        },
        {
          "name": "php-local-infile-security-bypass(36384)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36384"
        },
        {
          "name": "27377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27377"
        },
        {
          "name": "4392",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/4392"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-4.php"
        },
        {
          "name": "27102",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27102"
        },
        {
          "name": "ADV-2007-3023",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3023"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/releases/5_2_4.php"
        },
        {
          "name": "28318",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28318"
        },
        {
          "name": "26642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26642"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3997",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "php-localinfile-mysql-security-bypass(39402)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39402"
            },
            {
              "name": "26822",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26822"
            },
            {
              "name": "ADV-2008-0059",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0059"
            },
            {
              "name": "GLSA-200710-02",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
            },
            {
              "name": "http://www.php.net/releases/4_4_8.php",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/releases/4_4_8.php"
            },
            {
              "name": "http://www.php.net/ChangeLog-5.php#5.2.4",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/ChangeLog-5.php#5.2.4"
            },
            {
              "name": "2007-0026",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2007/0026/"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1693",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1693"
            },
            {
              "name": "3102",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3102"
            },
            {
              "name": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/",
              "refsource": "MISC",
              "url": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1702",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1702"
            },
            {
              "name": "26838",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26838"
            },
            {
              "name": "php-local-infile-security-bypass(36384)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36384"
            },
            {
              "name": "27377",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27377"
            },
            {
              "name": "4392",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/4392"
            },
            {
              "name": "http://www.php.net/ChangeLog-4.php",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/ChangeLog-4.php"
            },
            {
              "name": "27102",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27102"
            },
            {
              "name": "ADV-2007-3023",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3023"
            },
            {
              "name": "http://www.php.net/releases/5_2_4.php",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/releases/5_2_4.php"
            },
            {
              "name": "28318",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28318"
            },
            {
              "name": "26642",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26642"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3997",
    "datePublished": "2007-09-04T18:00:00",
    "dateReserved": "2007-07-25T00:00:00",
    "dateUpdated": "2024-08-07T14:37:06.033Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.0.0\", \"versionEndExcluding\": \"4.4.8\", \"matchCriteriaId\": \"F6C219FD-2507-491C-B38F-777D1A626FEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.0.0\", \"versionEndExcluding\": \"5.2.4\", \"matchCriteriaId\": \"EABE00F5-DB5A-480D-8D77-73C04DBAB2A0\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.\"}, {\"lang\": \"es\", \"value\": \"Las extensiones (1) MySQL y (2) MySQLi en PHP 4 anterior a 4.4.8, y PHP 5 anterior a  5.2.4, permite a atacantes remotos evitar las restricciones safe_mode y open_basedir a trav\\u00e9s de operaciones MySQL LOCAL INFILE, como se demostr\\u00f3 con un consulta con LOAD DATA LOCAL INFILE.\"}]",
      "id": "CVE-2007-3997",
      "lastModified": "2024-11-21T00:34:32.943",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-09-04T18:17:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/26642\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/26822\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/26838\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27102\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27377\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28318\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/3102\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.php.net/ChangeLog-4.php\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.php.net/ChangeLog-5.php#5.2.4\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.php.net/releases/4_4_8.php\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.php.net/releases/5_2_4.php\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.trustix.org/errata/2007/0026/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/3023\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0059\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/36384\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39402\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://issues.rpath.com/browse/RPL-1693\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://issues.rpath.com/browse/RPL-1702\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://www.exploit-db.com/exploits/4392\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://secunia.com/advisories/26642\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/26822\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/26838\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27102\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27377\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/28318\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/3102\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.php.net/ChangeLog-4.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.php.net/ChangeLog-5.php#5.2.4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.php.net/releases/4_4_8.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.php.net/releases/5_2_4.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.trustix.org/errata/2007/0026/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/3023\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0059\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/36384\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39402\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://issues.rpath.com/browse/RPL-1693\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://issues.rpath.com/browse/RPL-1702\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://www.exploit-db.com/exploits/4392\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vendorComments": "[{\"organization\": \"Mandriva\", \"comment\": \"Due to the nature of safe_mode and open_basedir restrictions, and in alignment with the PHP group\\u2019s stance on these features, Mandriva does not consider this a security issue.\", \"lastModified\": \"2007-09-18T00:00:00\"}, {\"organization\": \"Red Hat\", \"comment\": \"We do not consider these to be security issues.  For more details see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1\\nand http://www.php.net/security-note.php\\n\", \"lastModified\": \"2007-09-05T00:00:00\"}]",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-3997\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-09-04T18:17:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.\"},{\"lang\":\"es\",\"value\":\"Las extensiones (1) MySQL y (2) MySQLi en PHP 4 anterior a 4.4.8, y PHP 5 anterior a  5.2.4, permite a atacantes remotos evitar las restricciones safe_mode y open_basedir a trav\u00e9s de operaciones MySQL LOCAL INFILE, como se demostr\u00f3 con un consulta con LOAD DATA LOCAL INFILE.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0.0\",\"versionEndExcluding\":\"4.4.8\",\"matchCriteriaId\":\"F6C219FD-2507-491C-B38F-777D1A626FEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"5.2.4\",\"matchCriteriaId\":\"EABE00F5-DB5A-480D-8D77-73C04DBAB2A0\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/26642\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/26822\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/26838\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27102\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27377\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/28318\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/3102\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.php.net/ChangeLog-4.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.php.net/ChangeLog-5.php#5.2.4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.php.net/releases/4_4_8.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.php.net/releases/5_2_4.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.trustix.org/errata/2007/0026/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3023\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0059\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/36384\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/39402\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://issues.rpath.com/browse/RPL-1693\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://issues.rpath.com/browse/RPL-1702\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.exploit-db.com/exploits/4392\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://secunia.com/advisories/26642\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/26822\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/26838\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27102\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27377\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/28318\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/3102\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.php.net/ChangeLog-4.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.php.net/ChangeLog-5.php#5.2.4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.php.net/releases/4_4_8.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.php.net/releases/5_2_4.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.trustix.org/errata/2007/0026/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3023\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0059\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/36384\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/39402\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://issues.rpath.com/browse/RPL-1693\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://issues.rpath.com/browse/RPL-1702\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.exploit-db.com/exploits/4392\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}],\"vendorComments\":[{\"organization\":\"Mandriva\",\"comment\":\"Due to the nature of safe_mode and open_basedir restrictions, and in alignment with the PHP group\u2019s stance on these features, Mandriva does not consider this a security issue.\",\"lastModified\":\"2007-09-18T00:00:00\"},{\"organization\":\"Red Hat\",\"comment\":\"We do not consider these to be security issues.  For more details see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1\\nand http://www.php.net/security-note.php\\n\",\"lastModified\":\"2007-09-05T00:00:00\"}]}}"
  }
}

CERTA-2007-AVI-388

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités sont présentes dans PHP et permettent à un utilisateur distant d'exécuter du code arbitraire ou de contourner la politique de sécurité du site mis en œuvre avec PHP.

Description

Plusieurs failles sont présentes dans PHP :

une erreur d'impact non précisé par l'éditeur a été identifiée dans la fonction money_format() ;
une seconde dans la fonction zend_alter_ini_entry() permet de déclencher une interruption arbitraire ;
plusieurs failles de type débordement de mémoire dans la mise en œuvre de la bibliothèque de fonctions GD par PHP permettent à un utilisateur distant de provoquer un déni de service ou d'exécuter du code arbitraire ;
une erreur dans la mise en œuvre de requêtes SQL sur un serveur MySQL dans PHP permet à un utilisateur de contourner les restrictions associées aux directives open_basedir et safe_mode ;
un manque de contrôle dans la fonction glob permet également de contourner les restrictions de open_basedir ;
une dernière vulnérabilité relative à l'extension session permet de contourner les restrictions de open_basedir si le fichier de session est un lien symbolique.

Solution

La version 5.2.4 de PHP corrige le problème :

http://www.php.net/downloads.php

PHP versions 5.2.3 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Liste des changements apportés à la version 5.2.4 de PHP du 30 août 2007	None	vendor-advisory
Liste des changements apportés à la version 5.2.4 de PHP :	-	other
Site de PHP :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003ePHP versions 5.2.3 et ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs failles sont pr\u00e9sentes dans PHP :\n\n-   une erreur d\u0027impact non pr\u00e9cis\u00e9 par l\u0027\u00e9diteur a \u00e9t\u00e9 identifi\u00e9e dans\n    la fonction money_format() ;\n-   une seconde dans la fonction zend_alter_ini_entry() permet de\n    d\u00e9clencher une interruption arbitraire ;\n-   plusieurs failles de type d\u00e9bordement de m\u00e9moire dans la mise en\n    \u0153uvre de la biblioth\u00e8que de fonctions GD par PHP permettent \u00e0 un\n    utilisateur distant de provoquer un d\u00e9ni de service ou d\u0027ex\u00e9cuter du\n    code arbitraire ;\n-   une erreur dans la mise en \u0153uvre de requ\u00eates SQL sur un serveur\n    MySQL dans PHP permet \u00e0 un utilisateur de contourner les\n    restrictions associ\u00e9es aux directives open_basedir et safe_mode ;\n-   un manque de contr\u00f4le dans la fonction glob permet \u00e9galement de\n    contourner les restrictions de open_basedir ;\n-   une derni\u00e8re vuln\u00e9rabilit\u00e9 relative \u00e0 l\u0027extension session permet de\n    contourner les restrictions de open_basedir si le fichier de session\n    est un lien symbolique.\n\n## Solution\n\nLa version 5.2.4 de PHP corrige le probl\u00e8me :\n\n    http://www.php.net/downloads.php\n",
  "cves": [
    {
      "name": "CVE-2007-3378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3378"
    },
    {
      "name": "CVE-2007-3997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3997"
    },
    {
      "name": "CVE-2007-3996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3996"
    }
  ],
  "links": [
    {
      "title": "Liste des changements apport\u00e9s \u00e0 la version 5.2.4 de    PHP :",
      "url": "http://www.php.net/releases/5_2_4.php"
    },
    {
      "title": "Site de PHP :",
      "url": "http://www.php.net"
    }
  ],
  "reference": "CERTA-2007-AVI-388",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-09-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans PHP et permettent \u00e0 un\nutilisateur distant d\u0027ex\u00e9cuter du code arbitraire ou de contourner la\npolitique de s\u00e9curit\u00e9 du site mis en \u0153uvre avec PHP.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans PHP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Liste des changements apport\u00e9s \u00e0 la version 5.2.4 de PHP du 30 ao\u00fbt 2007",
      "url": null
    }
  ]
}

CERTA-2007-AVI-388

Vulnerability from certfr_avis - Published: - Updated:

Description

Plusieurs failles sont présentes dans PHP :

une erreur d'impact non précisé par l'éditeur a été identifiée dans la fonction money_format() ;
une seconde dans la fonction zend_alter_ini_entry() permet de déclencher une interruption arbitraire ;
plusieurs failles de type débordement de mémoire dans la mise en œuvre de la bibliothèque de fonctions GD par PHP permettent à un utilisateur distant de provoquer un déni de service ou d'exécuter du code arbitraire ;
une erreur dans la mise en œuvre de requêtes SQL sur un serveur MySQL dans PHP permet à un utilisateur de contourner les restrictions associées aux directives open_basedir et safe_mode ;
un manque de contrôle dans la fonction glob permet également de contourner les restrictions de open_basedir ;
une dernière vulnérabilité relative à l'extension session permet de contourner les restrictions de open_basedir si le fichier de session est un lien symbolique.

Solution

La version 5.2.4 de PHP corrige le problème :

http://www.php.net/downloads.php

PHP versions 5.2.3 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Liste des changements apportés à la version 5.2.4 de PHP du 30 août 2007	None	vendor-advisory
Liste des changements apportés à la version 5.2.4 de PHP :	-	other
Site de PHP :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003ePHP versions 5.2.3 et ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs failles sont pr\u00e9sentes dans PHP :\n\n-   une erreur d\u0027impact non pr\u00e9cis\u00e9 par l\u0027\u00e9diteur a \u00e9t\u00e9 identifi\u00e9e dans\n    la fonction money_format() ;\n-   une seconde dans la fonction zend_alter_ini_entry() permet de\n    d\u00e9clencher une interruption arbitraire ;\n-   plusieurs failles de type d\u00e9bordement de m\u00e9moire dans la mise en\n    \u0153uvre de la biblioth\u00e8que de fonctions GD par PHP permettent \u00e0 un\n    utilisateur distant de provoquer un d\u00e9ni de service ou d\u0027ex\u00e9cuter du\n    code arbitraire ;\n-   une erreur dans la mise en \u0153uvre de requ\u00eates SQL sur un serveur\n    MySQL dans PHP permet \u00e0 un utilisateur de contourner les\n    restrictions associ\u00e9es aux directives open_basedir et safe_mode ;\n-   un manque de contr\u00f4le dans la fonction glob permet \u00e9galement de\n    contourner les restrictions de open_basedir ;\n-   une derni\u00e8re vuln\u00e9rabilit\u00e9 relative \u00e0 l\u0027extension session permet de\n    contourner les restrictions de open_basedir si le fichier de session\n    est un lien symbolique.\n\n## Solution\n\nLa version 5.2.4 de PHP corrige le probl\u00e8me :\n\n    http://www.php.net/downloads.php\n",
  "cves": [
    {
      "name": "CVE-2007-3378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3378"
    },
    {
      "name": "CVE-2007-3997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3997"
    },
    {
      "name": "CVE-2007-3996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3996"
    }
  ],
  "links": [
    {
      "title": "Liste des changements apport\u00e9s \u00e0 la version 5.2.4 de    PHP :",
      "url": "http://www.php.net/releases/5_2_4.php"
    },
    {
      "title": "Site de PHP :",
      "url": "http://www.php.net"
    }
  ],
  "reference": "CERTA-2007-AVI-388",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-09-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans PHP et permettent \u00e0 un\nutilisateur distant d\u0027ex\u00e9cuter du code arbitraire ou de contourner la\npolitique de s\u00e9curit\u00e9 du site mis en \u0153uvre avec PHP.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans PHP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Liste des changements apport\u00e9s \u00e0 la version 5.2.4 de PHP du 30 ao\u00fbt 2007",
      "url": null
    }
  ]
}

GSD-2007-3997

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-3997

Aliases

CVE-2007-3997

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-3997",
    "description": "The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.",
    "id": "GSD-2007-3997",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-3997.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-3997"
      ],
      "details": "The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.",
      "id": "GSD-2007-3997",
      "modified": "2023-12-13T01:21:42.275883Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-3997",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "php-localinfile-mysql-security-bypass(39402)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39402"
          },
          {
            "name": "26822",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26822"
          },
          {
            "name": "ADV-2008-0059",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0059"
          },
          {
            "name": "GLSA-200710-02",
            "refsource": "GENTOO",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
          },
          {
            "name": "http://www.php.net/releases/4_4_8.php",
            "refsource": "CONFIRM",
            "url": "http://www.php.net/releases/4_4_8.php"
          },
          {
            "name": "http://www.php.net/ChangeLog-5.php#5.2.4",
            "refsource": "CONFIRM",
            "url": "http://www.php.net/ChangeLog-5.php#5.2.4"
          },
          {
            "name": "2007-0026",
            "refsource": "TRUSTIX",
            "url": "http://www.trustix.org/errata/2007/0026/"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-1693",
            "refsource": "CONFIRM",
            "url": "https://issues.rpath.com/browse/RPL-1693"
          },
          {
            "name": "3102",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/3102"
          },
          {
            "name": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/",
            "refsource": "MISC",
            "url": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-1702",
            "refsource": "CONFIRM",
            "url": "https://issues.rpath.com/browse/RPL-1702"
          },
          {
            "name": "26838",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26838"
          },
          {
            "name": "php-local-infile-security-bypass(36384)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36384"
          },
          {
            "name": "27377",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27377"
          },
          {
            "name": "4392",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/4392"
          },
          {
            "name": "http://www.php.net/ChangeLog-4.php",
            "refsource": "CONFIRM",
            "url": "http://www.php.net/ChangeLog-4.php"
          },
          {
            "name": "27102",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27102"
          },
          {
            "name": "ADV-2007-3023",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/3023"
          },
          {
            "name": "http://www.php.net/releases/5_2_4.php",
            "refsource": "CONFIRM",
            "url": "http://www.php.net/releases/5_2_4.php"
          },
          {
            "name": "28318",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28318"
          },
          {
            "name": "26642",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26642"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.4.8",
                "versionStartIncluding": "4.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.2.4",
                "versionStartIncluding": "5.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3997"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/"
            },
            {
              "name": "http://www.php.net/ChangeLog-5.php#5.2.4",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.php.net/ChangeLog-5.php#5.2.4"
            },
            {
              "name": "http://www.php.net/releases/5_2_4.php",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.php.net/releases/5_2_4.php"
            },
            {
              "name": "26642",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/26642"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1702",
              "refsource": "CONFIRM",
              "tags": [
                "Broken Link"
              ],
              "url": "https://issues.rpath.com/browse/RPL-1702"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1693",
              "refsource": "CONFIRM",
              "tags": [
                "Broken Link"
              ],
              "url": "https://issues.rpath.com/browse/RPL-1693"
            },
            {
              "name": "GLSA-200710-02",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
            },
            {
              "name": "2007-0026",
              "refsource": "TRUSTIX",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.trustix.org/errata/2007/0026/"
            },
            {
              "name": "26822",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/26822"
            },
            {
              "name": "26838",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/26838"
            },
            {
              "name": "27377",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/27377"
            },
            {
              "name": "27102",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/27102"
            },
            {
              "name": "3102",
              "refsource": "SREASON",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "http://securityreason.com/securityalert/3102"
            },
            {
              "name": "http://www.php.net/ChangeLog-4.php",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.php.net/ChangeLog-4.php"
            },
            {
              "name": "http://www.php.net/releases/4_4_8.php",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.php.net/releases/4_4_8.php"
            },
            {
              "name": "28318",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/28318"
            },
            {
              "name": "ADV-2008-0059",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required",
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/0059"
            },
            {
              "name": "ADV-2007-3023",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required",
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3023"
            },
            {
              "name": "php-localinfile-mysql-security-bypass(39402)",
              "refsource": "XF",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39402"
            },
            {
              "name": "php-local-infile-security-bypass(36384)",
              "refsource": "XF",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36384"
            },
            {
              "name": "4392",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.exploit-db.com/exploits/4392"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-26T13:59Z",
      "publishedDate": "2007-09-04T18:17Z"
    }
  }
}

GHSA-966W-852V-C3C4

Vulnerability from github – Published: 2022-05-01 18:19 – Updated: 2025-04-09 03:45

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-3997"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-09-04T18:17:00Z",
    "severity": "HIGH"
  },
  "details": "The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.",
  "id": "GHSA-966w-852v-c3c4",
  "modified": "2025-04-09T03:45:48Z",
  "published": "2022-05-01T18:19:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3997"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36384"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39402"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-1693"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-1702"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/4392"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26642"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26822"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26838"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27102"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27377"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28318"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/3102"
    },
    {
      "type": "WEB",
      "url": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.php.net/ChangeLog-4.php"
    },
    {
      "type": "WEB",
      "url": "http://www.php.net/ChangeLog-5.php#5.2.4"
    },
    {
      "type": "WEB",
      "url": "http://www.php.net/releases/4_4_8.php"
    },
    {
      "type": "WEB",
      "url": "http://www.php.net/releases/5_2_4.php"
    },
    {
      "type": "WEB",
      "url": "http://www.trustix.org/errata/2007/0026"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/3023"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0059"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2007-3997

Vulnerability from fkie_nvd - Published: 2007-09-04 18:17 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/26642	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/26822	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/26838	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/27102	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/27377	Third Party Advisory
cve@mitre.org	http://secunia.com/advisories/28318	Third Party Advisory
cve@mitre.org	http://securityreason.com/securityalert/3102	Exploit, Third Party Advisory
cve@mitre.org	http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/	Exploit, Third Party Advisory
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml	Third Party Advisory
cve@mitre.org	http://www.php.net/ChangeLog-4.php	Vendor Advisory
cve@mitre.org	http://www.php.net/ChangeLog-5.php#5.2.4	Vendor Advisory
cve@mitre.org	http://www.php.net/releases/4_4_8.php	Vendor Advisory
cve@mitre.org	http://www.php.net/releases/5_2_4.php	Vendor Advisory
cve@mitre.org	http://www.trustix.org/errata/2007/0026/	Broken Link
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3023	Permissions Required, Third Party Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0059	Permissions Required, Third Party Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/36384	Third Party Advisory, VDB Entry
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/39402	Third Party Advisory, VDB Entry
cve@mitre.org	https://issues.rpath.com/browse/RPL-1693	Broken Link
cve@mitre.org	https://issues.rpath.com/browse/RPL-1702	Broken Link
cve@mitre.org	https://www.exploit-db.com/exploits/4392	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26642	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26822	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26838	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27102	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27377	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28318	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/3102	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.php.net/ChangeLog-4.php	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.php.net/ChangeLog-5.php#5.2.4	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.php.net/releases/4_4_8.php	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.php.net/releases/5_2_4.php	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.trustix.org/errata/2007/0026/	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3023	Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0059	Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/36384	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/39402	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1693	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1702	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/4392	Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	php	php	*
	php	php	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6C219FD-2507-491C-B38F-777D1A626FEC",
              "versionEndExcluding": "4.4.8",
              "versionStartIncluding": "4.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EABE00F5-DB5A-480D-8D77-73C04DBAB2A0",
              "versionEndExcluding": "5.2.4",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE."
    },
    {
      "lang": "es",
      "value": "Las extensiones (1) MySQL y (2) MySQLi en PHP 4 anterior a 4.4.8, y PHP 5 anterior a  5.2.4, permite a atacantes remotos evitar las restricciones safe_mode y open_basedir a trav\u00e9s de operaciones MySQL LOCAL INFILE, como se demostr\u00f3 con un consulta con LOAD DATA LOCAL INFILE."
    }
  ],
  "id": "CVE-2007-3997",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-09-04T18:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26642"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26822"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26838"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27102"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27377"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/28318"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://securityreason.com/securityalert/3102"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/ChangeLog-4.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/ChangeLog-5.php#5.2.4"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/releases/4_4_8.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/releases/5_2_4.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.trustix.org/errata/2007/0026/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3023"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0059"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36384"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39402"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://issues.rpath.com/browse/RPL-1693"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://issues.rpath.com/browse/RPL-1702"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/4392"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26822"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26838"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27102"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/27377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/28318"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://securityreason.com/securityalert/3102"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/ChangeLog-4.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/ChangeLog-5.php#5.2.4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/releases/4_4_8.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.php.net/releases/5_2_4.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.trustix.org/errata/2007/0026/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0059"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36384"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://issues.rpath.com/browse/RPL-1693"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://issues.rpath.com/browse/RPL-1702"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/4392"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Due to the nature of safe_mode and open_basedir restrictions, and in alignment with the PHP group\u2019s stance on these features, Mandriva does not consider this a security issue.",
      "lastModified": "2007-09-18T00:00:00",
      "organization": "Mandriva"
    },
    {
      "comment": "We do not consider these to be security issues.  For more details see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1\nand http://www.php.net/security-note.php\n",
      "lastModified": "2007-09-05T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-3997 (GCVE-0-2007-3997)

CERTA-2007-AVI-388

Description

Solution

CERTA-2007-AVI-388

Description

Solution

GSD-2007-3997

GHSA-966W-852V-C3C4

FKIE_CVE-2007-3997

Tags

Sightings

Nomenclature