rhsa-2007_0081
Vulnerability from csaf_redhat
Published: 2007-02-21 12:42
Modified: 2024-11-14 10:04
Summary: Red Hat Security Advisory: php security update
Notes
Topic
Updated PHP packages that fix several security issues are now available for
Red Hat Enterprise Linux 2.1.

This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.

A number of buffer overflow flaws were found in the PHP session extension;
the str_replace() function; and the imap_mail_compose() function. If very
long strings were passed to the str_replace() function, an integer
overflow could occur in memory allocation. If a script used the
imap_mail_compose() function to create a new MIME message based on an
input body from an untrusted source, it could result in a heap overflow.
An attacker with access to a PHP application affected by any of these issues
could trigger the flaws and possibly execute arbitrary code as the
'apache' user. (CVE-2007-0906)

When unserializing untrusted data on 64-bit platforms, the
zend_hash_init() function could be forced into an infinite loop, consuming
CPU resources for a limited time, until the script timeout alarm aborted
execution of the script. (CVE-2007-0988)

If the wddx extension was used to import WDDX data from an untrusted
source, certain WDDX input packets could expose a random portion of heap
memory. (CVE-2007-0908)

If the odbc_result_all() function was used to display data from a database,
and the database table contents were under an attacker's control, a format
string vulnerability was possible which could allow arbitrary code
execution. (CVE-2007-0909)

A one byte memory read always occurs before the beginning of a buffer. This
could be triggered, for example, by any use of the header() function in a
script. However, it is unlikely that this would have any effect.
(CVE-2007-0907)

Several flaws in PHP could allow attackers to "clobber" certain
super-global variables via unspecified vectors. (CVE-2007-0910)

Users of PHP should upgrade to these updated packages, which contain
backported patches to correct these issues.

Red Hat would like to thank Stefan Esser for his help diagnosing these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated PHP packages that fix several security issues are now available for\nRed Hat Enterprise Linux 2.1.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Web server. \n\nA number of buffer overflow flaws were found in the PHP session extension;\nthe str_replace() function; and the imap_mail_compose() function. If very\nlong strings were passed to the str_replace() function, an integer\noverflow could occur in memory allocation. If a script used the\nimap_mail_compose() function to create a new MIME message based on an\ninput body from an untrusted source, it could result in a heap overflow.\nAn attacker with access to a PHP application affected by any these issues\ncould trigger the flaws and possibly execute arbitrary code as the\n\u0027apache\u0027 user. (CVE-2007-0906)\n\nWhen unserializing untrusted data on 64-bit platforms, the\nzend_hash_init() function could be forced into an infinite loop, consuming\nCPU resources for a limited time, until the script timeout alarm aborted\nexecution of the script. (CVE-2007-0988)\n\nIf the wddx extension was used to import WDDX data from an untrusted\nsource, certain WDDX input packets could expose a random portion of heap\nmemory. 
(CVE-2007-0908)\n\nIf the odbc_result_all() function was used to display data from a database,\nand the database table contents were under an attacker\u0027s control, a format\nstring vulnerability was possible which could allow arbitrary code\nexecution. (CVE-2007-0909)\n\nA one byte memory read always occurs before the beginning of a buffer. This\ncould be triggered, for example, by any use of the header() function in a\nscript. However it is unlikely that this would have any effect.\n(CVE-2007-0907)\n\nSeveral flaws in PHP could allow attackers to \"clobber\" certain\nsuper-global variables via unspecified vectors. (CVE-2007-0910)\n\nUsers of PHP should upgrade to these updated packages which contain\nbackported patches to correct these issues.\n\nRed Hat would like to thank Stefan Esser for his help diagnosing these issues.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2007:0081", "url": "https://access.redhat.com/errata/RHSA-2007:0081" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "229332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=229332" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2007/rhsa-2007_0081.json" } ], "title": "Red Hat Security Advisory: php security update", "tracking": { "current_release_date": "2024-11-14T10:04:59+00:00", "generator": { "date": "2024-11-14T10:04:59+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2007:0081", "initial_release_date": "2007-02-21T12:42:00+00:00", "revision_history": [ { "date": "2007-02-21T12:42:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2007-02-21T07:42:15+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T10:04:59+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product": { "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:2.1::as" } 
} }, { "category": "product_name", "name": "Red Hat Linux Advanced Workstation 2.1", "product": { "name": "Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:2.1::aw" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 2.1", "product": { "name": "Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:2.1::es" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 2.1", "product": { "name": "Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:2.1::ws" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "php-imap-0:4.1.2-2.14.ia64", "product": { "name": "php-imap-0:4.1.2-2.14.ia64", "product_id": "php-imap-0:4.1.2-2.14.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-imap@4.1.2-2.14?arch=ia64" } } }, { "category": "product_version", "name": "php-devel-0:4.1.2-2.14.ia64", "product": { "name": "php-devel-0:4.1.2-2.14.ia64", "product_id": "php-devel-0:4.1.2-2.14.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-devel@4.1.2-2.14?arch=ia64" } } }, { "category": "product_version", "name": "php-ldap-0:4.1.2-2.14.ia64", "product": { "name": "php-ldap-0:4.1.2-2.14.ia64", "product_id": "php-ldap-0:4.1.2-2.14.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-ldap@4.1.2-2.14?arch=ia64" } } }, { "category": "product_version", "name": "php-manual-0:4.1.2-2.14.ia64", "product": { "name": "php-manual-0:4.1.2-2.14.ia64", "product_id": "php-manual-0:4.1.2-2.14.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-manual@4.1.2-2.14?arch=ia64" } } }, { "category": "product_version", "name": "php-0:4.1.2-2.14.ia64", 
"product": { "name": "php-0:4.1.2-2.14.ia64", "product_id": "php-0:4.1.2-2.14.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php@4.1.2-2.14?arch=ia64" } } }, { "category": "product_version", "name": "php-odbc-0:4.1.2-2.14.ia64", "product": { "name": "php-odbc-0:4.1.2-2.14.ia64", "product_id": "php-odbc-0:4.1.2-2.14.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-odbc@4.1.2-2.14?arch=ia64" } } }, { "category": "product_version", "name": "php-mysql-0:4.1.2-2.14.ia64", "product": { "name": "php-mysql-0:4.1.2-2.14.ia64", "product_id": "php-mysql-0:4.1.2-2.14.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-mysql@4.1.2-2.14?arch=ia64" } } }, { "category": "product_version", "name": "php-pgsql-0:4.1.2-2.14.ia64", "product": { "name": "php-pgsql-0:4.1.2-2.14.ia64", "product_id": "php-pgsql-0:4.1.2-2.14.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-pgsql@4.1.2-2.14?arch=ia64" } } } ], "category": "architecture", "name": "ia64" }, { "branches": [ { "category": "product_version", "name": "php-0:4.1.2-2.14.src", "product": { "name": "php-0:4.1.2-2.14.src", "product_id": "php-0:4.1.2-2.14.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/php@4.1.2-2.14?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "php-imap-0:4.1.2-2.14.i386", "product": { "name": "php-imap-0:4.1.2-2.14.i386", "product_id": "php-imap-0:4.1.2-2.14.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-imap@4.1.2-2.14?arch=i386" } } }, { "category": "product_version", "name": "php-devel-0:4.1.2-2.14.i386", "product": { "name": "php-devel-0:4.1.2-2.14.i386", "product_id": "php-devel-0:4.1.2-2.14.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-devel@4.1.2-2.14?arch=i386" } } }, { "category": "product_version", "name": "php-ldap-0:4.1.2-2.14.i386", "product": { "name": "php-ldap-0:4.1.2-2.14.i386", 
"product_id": "php-ldap-0:4.1.2-2.14.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-ldap@4.1.2-2.14?arch=i386" } } }, { "category": "product_version", "name": "php-manual-0:4.1.2-2.14.i386", "product": { "name": "php-manual-0:4.1.2-2.14.i386", "product_id": "php-manual-0:4.1.2-2.14.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-manual@4.1.2-2.14?arch=i386" } } }, { "category": "product_version", "name": "php-0:4.1.2-2.14.i386", "product": { "name": "php-0:4.1.2-2.14.i386", "product_id": "php-0:4.1.2-2.14.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php@4.1.2-2.14?arch=i386" } } }, { "category": "product_version", "name": "php-odbc-0:4.1.2-2.14.i386", "product": { "name": "php-odbc-0:4.1.2-2.14.i386", "product_id": "php-odbc-0:4.1.2-2.14.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-odbc@4.1.2-2.14?arch=i386" } } }, { "category": "product_version", "name": "php-mysql-0:4.1.2-2.14.i386", "product": { "name": "php-mysql-0:4.1.2-2.14.i386", "product_id": "php-mysql-0:4.1.2-2.14.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-mysql@4.1.2-2.14?arch=i386" } } }, { "category": "product_version", "name": "php-pgsql-0:4.1.2-2.14.i386", "product": { "name": "php-pgsql-0:4.1.2-2.14.i386", "product_id": "php-pgsql-0:4.1.2-2.14.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/php-pgsql@4.1.2-2.14?arch=i386" } } } ], "category": "architecture", "name": "i386" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-0:4.1.2-2.14.i386" }, "product_reference": "php-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.14.ia64 as a component of Red Hat 
Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-0:4.1.2-2.14.ia64" }, "product_reference": "php-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.14.src as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-0:4.1.2-2.14.src" }, "product_reference": "php-0:4.1.2-2.14.src", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-devel-0:4.1.2-2.14.i386" }, "product_reference": "php-devel-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-devel-0:4.1.2-2.14.ia64" }, "product_reference": "php-devel-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-imap-0:4.1.2-2.14.i386" }, "product_reference": "php-imap-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-imap-0:4.1.2-2.14.ia64" }, "product_reference": "php-imap-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": 
"2.1AS:php-ldap-0:4.1.2-2.14.i386" }, "product_reference": "php-ldap-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-ldap-0:4.1.2-2.14.ia64" }, "product_reference": "php-ldap-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-manual-0:4.1.2-2.14.i386" }, "product_reference": "php-manual-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-manual-0:4.1.2-2.14.ia64" }, "product_reference": "php-manual-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-mysql-0:4.1.2-2.14.i386" }, "product_reference": "php-mysql-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-mysql-0:4.1.2-2.14.ia64" }, "product_reference": "php-mysql-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-odbc-0:4.1.2-2.14.i386" }, 
"product_reference": "php-odbc-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-odbc-0:4.1.2-2.14.ia64" }, "product_reference": "php-odbc-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-pgsql-0:4.1.2-2.14.i386" }, "product_reference": "php-pgsql-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ", "product_id": "2.1AS:php-pgsql-0:4.1.2-2.14.ia64" }, "product_reference": "php-pgsql-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AS" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.14.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-0:4.1.2-2.14.i386" }, "product_reference": "php-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.14.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-0:4.1.2-2.14.ia64" }, "product_reference": "php-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.14.src as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-0:4.1.2-2.14.src" }, "product_reference": "php-0:4.1.2-2.14.src", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": 
"php-devel-0:4.1.2-2.14.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-devel-0:4.1.2-2.14.i386" }, "product_reference": "php-devel-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.14.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-devel-0:4.1.2-2.14.ia64" }, "product_reference": "php-devel-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.14.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-imap-0:4.1.2-2.14.i386" }, "product_reference": "php-imap-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.14.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-imap-0:4.1.2-2.14.ia64" }, "product_reference": "php-imap-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.14.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-ldap-0:4.1.2-2.14.i386" }, "product_reference": "php-ldap-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.14.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-ldap-0:4.1.2-2.14.ia64" }, "product_reference": "php-ldap-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.14.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-manual-0:4.1.2-2.14.i386" }, "product_reference": 
"php-manual-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.14.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-manual-0:4.1.2-2.14.ia64" }, "product_reference": "php-manual-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.14.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-mysql-0:4.1.2-2.14.i386" }, "product_reference": "php-mysql-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.14.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-mysql-0:4.1.2-2.14.ia64" }, "product_reference": "php-mysql-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.14.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-odbc-0:4.1.2-2.14.i386" }, "product_reference": "php-odbc-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.14.ia64 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-odbc-0:4.1.2-2.14.ia64" }, "product_reference": "php-odbc-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.14.i386 as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-pgsql-0:4.1.2-2.14.i386" }, "product_reference": "php-pgsql-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.14.ia64 
as a component of Red Hat Linux Advanced Workstation 2.1", "product_id": "2.1AW:php-pgsql-0:4.1.2-2.14.ia64" }, "product_reference": "php-pgsql-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1AW" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-0:4.1.2-2.14.i386" }, "product_reference": "php-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-0:4.1.2-2.14.ia64" }, "product_reference": "php-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.14.src as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-0:4.1.2-2.14.src" }, "product_reference": "php-0:4.1.2-2.14.src", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-devel-0:4.1.2-2.14.i386" }, "product_reference": "php-devel-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-devel-0:4.1.2-2.14.ia64" }, "product_reference": "php-devel-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-imap-0:4.1.2-2.14.i386" }, "product_reference": "php-imap-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1ES" }, { "category": 
"default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-imap-0:4.1.2-2.14.ia64" }, "product_reference": "php-imap-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-ldap-0:4.1.2-2.14.i386" }, "product_reference": "php-ldap-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-ldap-0:4.1.2-2.14.ia64" }, "product_reference": "php-ldap-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-manual-0:4.1.2-2.14.i386" }, "product_reference": "php-manual-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-manual-0:4.1.2-2.14.ia64" }, "product_reference": "php-manual-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-mysql-0:4.1.2-2.14.i386" }, "product_reference": "php-mysql-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": 
"2.1ES:php-mysql-0:4.1.2-2.14.ia64" }, "product_reference": "php-mysql-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-odbc-0:4.1.2-2.14.i386" }, "product_reference": "php-odbc-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-odbc-0:4.1.2-2.14.ia64" }, "product_reference": "php-odbc-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-pgsql-0:4.1.2-2.14.i386" }, "product_reference": "php-pgsql-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux ES version 2.1", "product_id": "2.1ES:php-pgsql-0:4.1.2-2.14.ia64" }, "product_reference": "php-pgsql-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1ES" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-0:4.1.2-2.14.i386" }, "product_reference": "php-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-0:4.1.2-2.14.ia64" }, "product_reference": "php-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": 
"php-0:4.1.2-2.14.src as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-0:4.1.2-2.14.src" }, "product_reference": "php-0:4.1.2-2.14.src", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-devel-0:4.1.2-2.14.i386" }, "product_reference": "php-devel-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-devel-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-devel-0:4.1.2-2.14.ia64" }, "product_reference": "php-devel-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-imap-0:4.1.2-2.14.i386" }, "product_reference": "php-imap-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-imap-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-imap-0:4.1.2-2.14.ia64" }, "product_reference": "php-imap-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-ldap-0:4.1.2-2.14.i386" }, "product_reference": "php-ldap-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-ldap-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-ldap-0:4.1.2-2.14.ia64" }, "product_reference": "php-ldap-0:4.1.2-2.14.ia64", 
"relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-manual-0:4.1.2-2.14.i386" }, "product_reference": "php-manual-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-manual-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-manual-0:4.1.2-2.14.ia64" }, "product_reference": "php-manual-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-mysql-0:4.1.2-2.14.i386" }, "product_reference": "php-mysql-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-mysql-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-mysql-0:4.1.2-2.14.ia64" }, "product_reference": "php-mysql-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.14.i386 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-odbc-0:4.1.2-2.14.i386" }, "product_reference": "php-odbc-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-odbc-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-odbc-0:4.1.2-2.14.ia64" }, "product_reference": "php-odbc-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.14.i386 as a component of Red 
Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-pgsql-0:4.1.2-2.14.i386" }, "product_reference": "php-pgsql-0:4.1.2-2.14.i386", "relates_to_product_reference": "2.1WS" }, { "category": "default_component_of", "full_product_name": { "name": "php-pgsql-0:4.1.2-2.14.ia64 as a component of Red Hat Enterprise Linux WS version 2.1", "product_id": "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" }, "product_reference": "php-pgsql-0:4.1.2-2.14.ia64", "relates_to_product_reference": "2.1WS" } ] }, "vulnerabilities": [ { "cve": "CVE-2007-0906", "discovery_date": "2007-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618280" } ], "notes": [ { "category": "description", "text": "Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). 
NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825).", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", 
"2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-0906" }, { "category": "external", "summary": "RHBZ#1618280", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618280" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-0906", "url": "https://www.cve.org/CVERecord?id=CVE-2007-0906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0906" } ], "release_date": "2007-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-02-21T12:42:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. 
To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", 
"2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0081" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "security flaw" }, { "cve": "CVE-2007-0907", "discovery_date": "2007-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618281" } ], "notes": [ { "category": "description", "text": "Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", 
"2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", "2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-0907" }, { "category": "external", "summary": 
"RHBZ#1618281", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618281" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-0907", "url": "https://www.cve.org/CVERecord?id=CVE-2007-0907" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0907", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0907" } ], "release_date": "2007-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-02-21T12:42:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", 
"2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", "2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0081" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "security flaw" }, { "cve": "CVE-2007-0908", "discovery_date": "2007-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618282" } ], "notes": [ { "category": "description", "text": "The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element 
that contains a variable with a string name before a numerical variable.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", 
"2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-0908" }, { "category": "external", "summary": "RHBZ#1618282", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618282" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-0908", "url": "https://www.cve.org/CVERecord?id=CVE-2007-0908" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0908", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0908" } ], "release_date": "2007-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-02-21T12:42:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. 
To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", 
"2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0081" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2007-0909", "discovery_date": "2007-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618283" } ], "notes": [ { "category": "description", "text": "Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", 
"2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", "2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": 
"https://access.redhat.com/security/cve/CVE-2007-0909" }, { "category": "external", "summary": "RHBZ#1618283", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618283" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-0909", "url": "https://www.cve.org/CVERecord?id=CVE-2007-0909" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0909", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0909" } ], "release_date": "2007-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-02-21T12:42:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", 
"2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", "2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0081" } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "security flaw" }, { "cve": "CVE-2007-0910", "discovery_date": "2007-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618284" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in PHP before 5.2.1 allows attackers to \"clobber\" certain super-global variables via unspecified vectors.", "title": "Vulnerability description" }, { 
"category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", "2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", 
"2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-0910" }, { "category": "external", "summary": "RHBZ#1618284", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618284" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-0910", "url": "https://www.cve.org/CVERecord?id=CVE-2007-0910" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0910", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0910" } ], "release_date": "2007-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-02-21T12:42:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. 
To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", 
"2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0081" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "security flaw" }, { "cve": "CVE-2007-0988", "discovery_date": "2007-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1618285" } ], "notes": [ { "category": "description", "text": "The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an \"a:2147483649:{\" argument.", "title": "Vulnerability description" }, { "category": "summary", "text": "security flaw", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", 
"2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", "2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", 
"2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-0988" }, { "category": "external", "summary": "RHBZ#1618285", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618285" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-0988", "url": "https://www.cve.org/CVERecord?id=CVE-2007-0988" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-0988", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0988" } ], "release_date": "2007-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-02-21T12:42:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", 
"2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", "2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0081" } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "security flaw" }, { "cve": "CVE-2007-1380", "discovery_date": "2007-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "240157" } ], "notes": [ { "category": "description", "text": "The php_binary 
serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buffer over-read.", "title": "Vulnerability description" }, { "category": "summary", "text": "php session extension information leak", "title": "Vulnerability summary" }, { "category": "other", "text": "Our previous fixes for CVE-2007-0906 included a patch that also addressed the issue now given CVE name CVE-2007-1380.", "title": "Statement" } ], "product_status": { "fixed": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", 
"2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", "2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-1380" }, { "category": "external", "summary": "RHBZ#240157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=240157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-1380", "url": "https://www.cve.org/CVERecord?id=CVE-2007-1380" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-1380", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1380" } ], "release_date": "2007-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-02-21T12:42:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. 
To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", 
"2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0081" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "php session extension information leak" }, { "cve": "CVE-2007-1701", "discovery_date": "2007-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "240431" } ], "notes": [ { "category": "description", "text": "PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when register_globals is enabled, allows context-dependent attackers to execute arbitrary code via deserialization of session data, which overwrites arbitrary global variables, as demonstrated by calling session_decode on a string beginning with \"_SESSION|s:39:\".", "title": "Vulnerability description" }, { "category": "summary", "text": "php session extension global variable clobber", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE name is a duplicate as the vulnerability is addressed by CVE-2007-0910.", "title": "Statement" } ], "product_status": { "fixed": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", 
"2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", "2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", 
"2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-1701" }, { "category": "external", "summary": "RHBZ#240431", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=240431" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-1701", "url": "https://www.cve.org/CVERecord?id=CVE-2007-1701" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-1701", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1701" } ], "release_date": "2007-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-02-21T12:42:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. 
To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", 
"2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0081" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "php session extension global variable clobber" }, { "cve": "CVE-2007-1825", "discovery_date": "2007-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "240426" } ], "notes": [ { "category": "description", "text": "Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. 
NOTE: as of 20070411, it appears that this issue might be subsumed by CVE-2007-0906.3.", "title": "Vulnerability description" }, { "category": "summary", "text": "php imap_mail_compose() buffer overflow via type.parameters", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE name is a duplicate as the vulnerability is addressed by CVE-2007-0906.", "title": "Statement" } ], "product_status": { "fixed": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", 
"2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", "2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2007-1825" }, { "category": "external", "summary": "RHBZ#240426", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=240426" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2007-1825", "url": "https://www.cve.org/CVERecord?id=CVE-2007-1825" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-1825", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1825" } ], "release_date": "2007-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2007-02-21T12:42:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. 
To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.", "product_ids": [ "2.1AS:php-0:4.1.2-2.14.i386", "2.1AS:php-0:4.1.2-2.14.ia64", "2.1AS:php-0:4.1.2-2.14.src", "2.1AS:php-devel-0:4.1.2-2.14.i386", "2.1AS:php-devel-0:4.1.2-2.14.ia64", "2.1AS:php-imap-0:4.1.2-2.14.i386", "2.1AS:php-imap-0:4.1.2-2.14.ia64", "2.1AS:php-ldap-0:4.1.2-2.14.i386", "2.1AS:php-ldap-0:4.1.2-2.14.ia64", "2.1AS:php-manual-0:4.1.2-2.14.i386", "2.1AS:php-manual-0:4.1.2-2.14.ia64", "2.1AS:php-mysql-0:4.1.2-2.14.i386", "2.1AS:php-mysql-0:4.1.2-2.14.ia64", "2.1AS:php-odbc-0:4.1.2-2.14.i386", "2.1AS:php-odbc-0:4.1.2-2.14.ia64", "2.1AS:php-pgsql-0:4.1.2-2.14.i386", "2.1AS:php-pgsql-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.i386", "2.1AW:php-0:4.1.2-2.14.ia64", "2.1AW:php-0:4.1.2-2.14.src", "2.1AW:php-devel-0:4.1.2-2.14.i386", "2.1AW:php-devel-0:4.1.2-2.14.ia64", "2.1AW:php-imap-0:4.1.2-2.14.i386", "2.1AW:php-imap-0:4.1.2-2.14.ia64", "2.1AW:php-ldap-0:4.1.2-2.14.i386", "2.1AW:php-ldap-0:4.1.2-2.14.ia64", "2.1AW:php-manual-0:4.1.2-2.14.i386", "2.1AW:php-manual-0:4.1.2-2.14.ia64", "2.1AW:php-mysql-0:4.1.2-2.14.i386", "2.1AW:php-mysql-0:4.1.2-2.14.ia64", "2.1AW:php-odbc-0:4.1.2-2.14.i386", "2.1AW:php-odbc-0:4.1.2-2.14.ia64", "2.1AW:php-pgsql-0:4.1.2-2.14.i386", "2.1AW:php-pgsql-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.i386", "2.1ES:php-0:4.1.2-2.14.ia64", "2.1ES:php-0:4.1.2-2.14.src", "2.1ES:php-devel-0:4.1.2-2.14.i386", "2.1ES:php-devel-0:4.1.2-2.14.ia64", "2.1ES:php-imap-0:4.1.2-2.14.i386", "2.1ES:php-imap-0:4.1.2-2.14.ia64", "2.1ES:php-ldap-0:4.1.2-2.14.i386", "2.1ES:php-ldap-0:4.1.2-2.14.ia64", "2.1ES:php-manual-0:4.1.2-2.14.i386", "2.1ES:php-manual-0:4.1.2-2.14.ia64", "2.1ES:php-mysql-0:4.1.2-2.14.i386", "2.1ES:php-mysql-0:4.1.2-2.14.ia64", "2.1ES:php-odbc-0:4.1.2-2.14.i386", "2.1ES:php-odbc-0:4.1.2-2.14.ia64", 
"2.1ES:php-pgsql-0:4.1.2-2.14.i386", "2.1ES:php-pgsql-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.i386", "2.1WS:php-0:4.1.2-2.14.ia64", "2.1WS:php-0:4.1.2-2.14.src", "2.1WS:php-devel-0:4.1.2-2.14.i386", "2.1WS:php-devel-0:4.1.2-2.14.ia64", "2.1WS:php-imap-0:4.1.2-2.14.i386", "2.1WS:php-imap-0:4.1.2-2.14.ia64", "2.1WS:php-ldap-0:4.1.2-2.14.i386", "2.1WS:php-ldap-0:4.1.2-2.14.ia64", "2.1WS:php-manual-0:4.1.2-2.14.i386", "2.1WS:php-manual-0:4.1.2-2.14.ia64", "2.1WS:php-mysql-0:4.1.2-2.14.i386", "2.1WS:php-mysql-0:4.1.2-2.14.ia64", "2.1WS:php-odbc-0:4.1.2-2.14.i386", "2.1WS:php-odbc-0:4.1.2-2.14.ia64", "2.1WS:php-pgsql-0:4.1.2-2.14.i386", "2.1WS:php-pgsql-0:4.1.2-2.14.ia64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2007:0081" } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "php imap_mail_compose() buffer overflow via type.parameters" } ] }