csaf_redhat - rhsa-2007

rhsa-2007_0163

Vulnerability from csaf_redhat

Published

2007-04-20 11:36

Modified

2024-11-14 10:05

Summary

Red Hat Security Advisory: php security update for Stronghold

Notes

Topic

Updated PHP packages that fix several security issues are now available for Stronghold 4.0 for Enterprise Linux. This update has been rated as having important security impact by the Red Hat Security Response Team.

Details

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. This update addresses the following issues: - An input validation bug allowed a remote attacker to trigger a denial of service attack by submitting an input variable with a deeply-nested-array. (CVE-2007-1285) - An input validation bug function may allow a remote attacker to execute arbitrary code as the "apache" user if a script passes untrusted input data to the unserialize() function. (CVE-2007-1286) - A double-free bug in the "session" extension may allow a remote attacker to execute arbitrary code as the "apache" user, if untrusted input data was passed to the session_decode() function . (CVE-2007-1711) Users of PHP should upgrade to these updated packages, which contain backported patches to correct these issues.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated PHP packages that fix several security issues are now available for\nStronghold 4.0 for Enterprise Linux. \n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "PHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Web server. \n\nThis update addresses the following issues:\n\n- An input validation bug allowed a remote attacker to trigger a denial of\nservice attack by submitting an input variable with a deeply-nested-array.\n(CVE-2007-1285)\n\n- An input validation bug function may allow a remote attacker to execute\narbitrary code as the \"apache\" user if a script passes untrusted input data\nto the unserialize() function. (CVE-2007-1286) \n\n- A double-free bug in the \"session\" extension may allow a remote attacker\nto execute arbitrary code as the \"apache\" user, if untrusted input data was\npassed to the session_decode() function . (CVE-2007-1711) \n\nUsers of PHP should upgrade to these updated packages, which contain\nbackported patches to correct these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2007:0163",
        "url": "https://access.redhat.com/errata/RHSA-2007:0163"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "235359",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=235359"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2007/rhsa-2007_0163.json"
      }
    ],
    "title": "Red Hat Security Advisory: php security update for Stronghold",
    "tracking": {
      "current_release_date": "2024-11-14T10:05:08+00:00",
      "generator": {
        "date": "2024-11-14T10:05:08+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.0"
        }
      },
      "id": "RHSA-2007:0163",
      "initial_release_date": "2007-04-20T11:36:00+00:00",
      "revision_history": [
        {
          "date": "2007-04-20T11:36:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2007-04-20T07:36:42+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-14T10:05:08+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)",
                "product": {
                  "name": "Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)",
                  "product_id": "SH4-2.1AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_stronghold:4.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Stronghold 4.0 for Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "stronghold-php-devel-0:4.1.2-15.i386",
                "product": {
                  "name": "stronghold-php-devel-0:4.1.2-15.i386",
                  "product_id": "stronghold-php-devel-0:4.1.2-15.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/stronghold-php-devel@4.1.2-15?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stronghold-php-0:4.1.2-15.i386",
                "product": {
                  "name": "stronghold-php-0:4.1.2-15.i386",
                  "product_id": "stronghold-php-0:4.1.2-15.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/stronghold-php@4.1.2-15?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stronghold-php-odbc-0:4.1.2-15.i386",
                "product": {
                  "name": "stronghold-php-odbc-0:4.1.2-15.i386",
                  "product_id": "stronghold-php-odbc-0:4.1.2-15.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/stronghold-php-odbc@4.1.2-15?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stronghold-php-pgsql-0:4.1.2-15.i386",
                "product": {
                  "name": "stronghold-php-pgsql-0:4.1.2-15.i386",
                  "product_id": "stronghold-php-pgsql-0:4.1.2-15.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/stronghold-php-pgsql@4.1.2-15?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stronghold-php-mysql-0:4.1.2-15.i386",
                "product": {
                  "name": "stronghold-php-mysql-0:4.1.2-15.i386",
                  "product_id": "stronghold-php-mysql-0:4.1.2-15.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/stronghold-php-mysql@4.1.2-15?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stronghold-php-manual-0:4.1.2-15.i386",
                "product": {
                  "name": "stronghold-php-manual-0:4.1.2-15.i386",
                  "product_id": "stronghold-php-manual-0:4.1.2-15.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/stronghold-php-manual@4.1.2-15?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stronghold-php-snmp-0:4.1.2-15.i386",
                "product": {
                  "name": "stronghold-php-snmp-0:4.1.2-15.i386",
                  "product_id": "stronghold-php-snmp-0:4.1.2-15.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/stronghold-php-snmp@4.1.2-15?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stronghold-php-imap-0:4.1.2-15.i386",
                "product": {
                  "name": "stronghold-php-imap-0:4.1.2-15.i386",
                  "product_id": "stronghold-php-imap-0:4.1.2-15.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/stronghold-php-imap@4.1.2-15?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "stronghold-php-ldap-0:4.1.2-15.i386",
                "product": {
                  "name": "stronghold-php-ldap-0:4.1.2-15.i386",
                  "product_id": "stronghold-php-ldap-0:4.1.2-15.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/stronghold-php-ldap@4.1.2-15?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "stronghold-php-0:4.1.2-15.src",
                "product": {
                  "name": "stronghold-php-0:4.1.2-15.src",
                  "product_id": "stronghold-php-0:4.1.2-15.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/stronghold-php@4.1.2-15?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stronghold-php-0:4.1.2-15.i386 as a component of Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)",
          "product_id": "SH4-2.1AS:stronghold-php-0:4.1.2-15.i386"
        },
        "product_reference": "stronghold-php-0:4.1.2-15.i386",
        "relates_to_product_reference": "SH4-2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stronghold-php-0:4.1.2-15.src as a component of Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)",
          "product_id": "SH4-2.1AS:stronghold-php-0:4.1.2-15.src"
        },
        "product_reference": "stronghold-php-0:4.1.2-15.src",
        "relates_to_product_reference": "SH4-2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stronghold-php-devel-0:4.1.2-15.i386 as a component of Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)",
          "product_id": "SH4-2.1AS:stronghold-php-devel-0:4.1.2-15.i386"
        },
        "product_reference": "stronghold-php-devel-0:4.1.2-15.i386",
        "relates_to_product_reference": "SH4-2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stronghold-php-imap-0:4.1.2-15.i386 as a component of Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)",
          "product_id": "SH4-2.1AS:stronghold-php-imap-0:4.1.2-15.i386"
        },
        "product_reference": "stronghold-php-imap-0:4.1.2-15.i386",
        "relates_to_product_reference": "SH4-2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stronghold-php-ldap-0:4.1.2-15.i386 as a component of Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)",
          "product_id": "SH4-2.1AS:stronghold-php-ldap-0:4.1.2-15.i386"
        },
        "product_reference": "stronghold-php-ldap-0:4.1.2-15.i386",
        "relates_to_product_reference": "SH4-2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stronghold-php-manual-0:4.1.2-15.i386 as a component of Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)",
          "product_id": "SH4-2.1AS:stronghold-php-manual-0:4.1.2-15.i386"
        },
        "product_reference": "stronghold-php-manual-0:4.1.2-15.i386",
        "relates_to_product_reference": "SH4-2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stronghold-php-mysql-0:4.1.2-15.i386 as a component of Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)",
          "product_id": "SH4-2.1AS:stronghold-php-mysql-0:4.1.2-15.i386"
        },
        "product_reference": "stronghold-php-mysql-0:4.1.2-15.i386",
        "relates_to_product_reference": "SH4-2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stronghold-php-odbc-0:4.1.2-15.i386 as a component of Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)",
          "product_id": "SH4-2.1AS:stronghold-php-odbc-0:4.1.2-15.i386"
        },
        "product_reference": "stronghold-php-odbc-0:4.1.2-15.i386",
        "relates_to_product_reference": "SH4-2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stronghold-php-pgsql-0:4.1.2-15.i386 as a component of Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)",
          "product_id": "SH4-2.1AS:stronghold-php-pgsql-0:4.1.2-15.i386"
        },
        "product_reference": "stronghold-php-pgsql-0:4.1.2-15.i386",
        "relates_to_product_reference": "SH4-2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "stronghold-php-snmp-0:4.1.2-15.i386 as a component of Stronghold 4.0 for Red Hat Enterprise Linux AS (version 2.1)",
          "product_id": "SH4-2.1AS:stronghold-php-snmp-0:4.1.2-15.i386"
        },
        "product_reference": "stronghold-php-snmp-0:4.1.2-15.i386",
        "relates_to_product_reference": "SH4-2.1AS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2007-1285",
      "discovery_date": "2007-03-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1618296"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "SH4-2.1AS:stronghold-php-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-0:4.1.2-15.src",
          "SH4-2.1AS:stronghold-php-devel-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-imap-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-ldap-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-manual-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-mysql-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-odbc-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-pgsql-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-snmp-0:4.1.2-15.i386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2007-1285"
        },
        {
          "category": "external",
          "summary": "RHBZ#1618296",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618296"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2007-1285",
          "url": "https://www.cve.org/CVERecord?id=CVE-2007-1285"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-1285",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1285"
        }
      ],
      "release_date": "2007-03-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2007-04-20T11:36:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.  \n\nThis update is available via Red Hat Network.  Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "SH4-2.1AS:stronghold-php-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-0:4.1.2-15.src",
            "SH4-2.1AS:stronghold-php-devel-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-imap-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-ldap-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-manual-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-mysql-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-odbc-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-pgsql-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-snmp-0:4.1.2-15.i386"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2007:0163"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2007-1286",
      "discovery_date": "2007-03-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1618297"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "SH4-2.1AS:stronghold-php-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-0:4.1.2-15.src",
          "SH4-2.1AS:stronghold-php-devel-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-imap-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-ldap-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-manual-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-mysql-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-odbc-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-pgsql-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-snmp-0:4.1.2-15.i386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2007-1286"
        },
        {
          "category": "external",
          "summary": "RHBZ#1618297",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618297"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2007-1286",
          "url": "https://www.cve.org/CVERecord?id=CVE-2007-1286"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-1286",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1286"
        }
      ],
      "release_date": "2007-03-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2007-04-20T11:36:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.  \n\nThis update is available via Red Hat Network.  Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "SH4-2.1AS:stronghold-php-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-0:4.1.2-15.src",
            "SH4-2.1AS:stronghold-php-devel-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-imap-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-ldap-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-manual-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-mysql-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-odbc-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-pgsql-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-snmp-0:4.1.2-15.i386"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2007:0163"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2007-1711",
      "discovery_date": "2007-03-25T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1618304"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION.  NOTE: this issue was introduced when attempting to patch CVE-2007-1701 (MOPB-31-2007).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "SH4-2.1AS:stronghold-php-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-0:4.1.2-15.src",
          "SH4-2.1AS:stronghold-php-devel-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-imap-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-ldap-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-manual-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-mysql-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-odbc-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-pgsql-0:4.1.2-15.i386",
          "SH4-2.1AS:stronghold-php-snmp-0:4.1.2-15.i386"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2007-1711"
        },
        {
          "category": "external",
          "summary": "RHBZ#1618304",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618304"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2007-1711",
          "url": "https://www.cve.org/CVERecord?id=CVE-2007-1711"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-1711",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-1711"
        }
      ],
      "release_date": "2007-03-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2007-04-20T11:36:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.  \n\nThis update is available via Red Hat Network.  Details on how to use \nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "SH4-2.1AS:stronghold-php-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-0:4.1.2-15.src",
            "SH4-2.1AS:stronghold-php-devel-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-imap-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-ldap-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-manual-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-mysql-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-odbc-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-pgsql-0:4.1.2-15.i386",
            "SH4-2.1AS:stronghold-php-snmp-0:4.1.2-15.i386"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2007:0163"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    }
  ]
}

cve-2007-1286

Vulnerability from cvelistv5

Published

2007-03-06 20:00

Modified

2024-08-07 12:50

Severity ?

Summary

Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.

References

▼	URL	Tags
	http://www.trustix.org/errata/2007/0009/	vendor-advisory, x_refsource_TRUSTIX
	http://www.vupen.com/english/advisories/2007/1991	vdb-entry, x_refsource_VUPEN
	http://www.debian.org/security/2007/dsa-1283	vendor-advisory, x_refsource_DEBIAN
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/24606	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2007-0154.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/archive/1/466166/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://security.gentoo.org/glsa/glsa-200705-19.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/24941	third-party-advisory, x_refsource_SECUNIA
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137	vendor-advisory, x_refsource_HP
	http://security.gentoo.org/glsa/glsa-200703-21.xml	vendor-advisory, x_refsource_GENTOO
	https://exchange.xforce.ibmcloud.com/vulnerabilities/32796	vdb-entry, x_refsource_XF
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/25062	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/2374	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/25423	third-party-advisory, x_refsource_SECUNIA
	http://www.php-security.org/MOPB/MOPB-04-2007.html	x_refsource_MISC
	http://secunia.com/advisories/24419	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:087	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/24945	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2007/dsa-1282	vendor-advisory, x_refsource_DEBIAN
	https://issues.rpath.com/browse/RPL-1268	x_refsource_CONFIRM
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/24924	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2007-0155.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/24910	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/25850	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/25445	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2007-0163.html	vendor-advisory, x_refsource_REDHAT
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11575	vdb-entry, signature, x_refsource_OVAL
	http://www.securityfocus.com/bid/22765	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/25025	third-party-advisory, x_refsource_SECUNIA
	http://www.osvdb.org/32771	vdb-entry, x_refsource_OSVDB
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:088	vendor-advisory, x_refsource_MANDRIVA

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:50:34.928Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "2007-0009",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2007/0009/"
          },
          {
            "name": "ADV-2007-1991",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1991"
          },
          {
            "name": "DSA-1283",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1283"
          },
          {
            "name": "SSRT071423",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
          },
          {
            "name": "24606",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24606"
          },
          {
            "name": "RHSA-2007:0154",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
          },
          {
            "name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
          },
          {
            "name": "GLSA-200705-19",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
          },
          {
            "name": "24941",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24941"
          },
          {
            "name": "HPSBTU02232",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
          },
          {
            "name": "GLSA-200703-21",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
          },
          {
            "name": "php-zval-code-execution(32796)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32796"
          },
          {
            "name": "SSRT071429",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
          },
          {
            "name": "25062",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25062"
          },
          {
            "name": "ADV-2007-2374",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2374"
          },
          {
            "name": "25423",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25423"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.php-security.org/MOPB/MOPB-04-2007.html"
          },
          {
            "name": "24419",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24419"
          },
          {
            "name": "MDKSA-2007:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
          },
          {
            "name": "24945",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24945"
          },
          {
            "name": "DSA-1282",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1282"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1268"
          },
          {
            "name": "HPSBMA02215",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
          },
          {
            "name": "24924",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24924"
          },
          {
            "name": "RHSA-2007:0155",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
          },
          {
            "name": "24910",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24910"
          },
          {
            "name": "25850",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25850"
          },
          {
            "name": "25445",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25445"
          },
          {
            "name": "RHSA-2007:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11575",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11575"
          },
          {
            "name": "22765",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/22765"
          },
          {
            "name": "25025",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25025"
          },
          {
            "name": "32771",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/32771"
          },
          {
            "name": "MDKSA-2007:088",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-03-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "2007-0009",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2007/0009/"
        },
        {
          "name": "ADV-2007-1991",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1991"
        },
        {
          "name": "DSA-1283",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1283"
        },
        {
          "name": "SSRT071423",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
        },
        {
          "name": "24606",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24606"
        },
        {
          "name": "RHSA-2007:0154",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
        },
        {
          "name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
        },
        {
          "name": "GLSA-200705-19",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
        },
        {
          "name": "24941",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24941"
        },
        {
          "name": "HPSBTU02232",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
        },
        {
          "name": "GLSA-200703-21",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
        },
        {
          "name": "php-zval-code-execution(32796)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32796"
        },
        {
          "name": "SSRT071429",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
        },
        {
          "name": "25062",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25062"
        },
        {
          "name": "ADV-2007-2374",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2374"
        },
        {
          "name": "25423",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25423"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.php-security.org/MOPB/MOPB-04-2007.html"
        },
        {
          "name": "24419",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24419"
        },
        {
          "name": "MDKSA-2007:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
        },
        {
          "name": "24945",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24945"
        },
        {
          "name": "DSA-1282",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1282"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1268"
        },
        {
          "name": "HPSBMA02215",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
        },
        {
          "name": "24924",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24924"
        },
        {
          "name": "RHSA-2007:0155",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
        },
        {
          "name": "24910",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24910"
        },
        {
          "name": "25850",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25850"
        },
        {
          "name": "25445",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25445"
        },
        {
          "name": "RHSA-2007:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
        },
        {
          "name": "oval:org.mitre.oval:def:11575",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11575"
        },
        {
          "name": "22765",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/22765"
        },
        {
          "name": "25025",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25025"
        },
        {
          "name": "32771",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/32771"
        },
        {
          "name": "MDKSA-2007:088",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-1286",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "2007-0009",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2007/0009/"
            },
            {
              "name": "ADV-2007-1991",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1991"
            },
            {
              "name": "DSA-1283",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1283"
            },
            {
              "name": "SSRT071423",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
            },
            {
              "name": "24606",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24606"
            },
            {
              "name": "RHSA-2007:0154",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
            },
            {
              "name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
            },
            {
              "name": "GLSA-200705-19",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
            },
            {
              "name": "24941",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24941"
            },
            {
              "name": "HPSBTU02232",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
            },
            {
              "name": "GLSA-200703-21",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
            },
            {
              "name": "php-zval-code-execution(32796)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32796"
            },
            {
              "name": "SSRT071429",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
            },
            {
              "name": "25062",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25062"
            },
            {
              "name": "ADV-2007-2374",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2374"
            },
            {
              "name": "25423",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25423"
            },
            {
              "name": "http://www.php-security.org/MOPB/MOPB-04-2007.html",
              "refsource": "MISC",
              "url": "http://www.php-security.org/MOPB/MOPB-04-2007.html"
            },
            {
              "name": "24419",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24419"
            },
            {
              "name": "MDKSA-2007:087",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
            },
            {
              "name": "24945",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24945"
            },
            {
              "name": "DSA-1282",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1282"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1268",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1268"
            },
            {
              "name": "HPSBMA02215",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
            },
            {
              "name": "24924",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24924"
            },
            {
              "name": "RHSA-2007:0155",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
            },
            {
              "name": "24910",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24910"
            },
            {
              "name": "25850",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25850"
            },
            {
              "name": "25445",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25445"
            },
            {
              "name": "RHSA-2007:0163",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
            },
            {
              "name": "oval:org.mitre.oval:def:11575",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11575"
            },
            {
              "name": "22765",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/22765"
            },
            {
              "name": "25025",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25025"
            },
            {
              "name": "32771",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/32771"
            },
            {
              "name": "MDKSA-2007:088",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-1286",
    "datePublished": "2007-03-06T20:00:00",
    "dateReserved": "2007-03-06T00:00:00",
    "dateUpdated": "2024-08-07T12:50:34.928Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-1285

Vulnerability from cvelistv5

Published

2007-03-06 20:00

Modified

2024-08-07 12:50

Severity ?

Summary

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.

References

▼	URL	Tags
	https://launchpad.net/bugs/173043	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/22764	vdb-entry, x_refsource_BID
	http://rhn.redhat.com/errata/RHSA-2007-0154.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/26048	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/466166/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://security.gentoo.org/glsa/glsa-200705-19.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/24941	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/27864	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2007-0162.html	vendor-advisory, x_refsource_REDHAT
	http://us2.php.net/releases/4_4_7.php	x_refsource_CONFIRM
	http://www.php.net/releases/4_4_8.php	x_refsource_CONFIRM
	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136	vendor-advisory, x_refsource_SLACKWARE
	http://www.php.net/ChangeLog-5.php#5.2.4	x_refsource_CONFIRM
	http://secunia.com/advisories/28936	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:090	vendor-advisory, x_refsource_MANDRIVA
	http://www.php-security.org/MOPB/MOPB-03-2007.html	x_refsource_MISC
	https://usn.ubuntu.com/549-1/	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/24909	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:087	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/24945	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11017	vdb-entry, signature, x_refsource_OVAL
	https://issues.rpath.com/browse/RPL-1268	x_refsource_CONFIRM
	http://www.osvdb.org/32769	vdb-entry, x_refsource_OSVDB
	http://us2.php.net/releases/5_2_2.php	x_refsource_CONFIRM
	http://www.securitytracker.com/id?1017771	vdb-entry, x_refsource_SECTRACK
	http://www.redhat.com/support/errata/RHSA-2007-0082.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/24924	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2007-0155.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/24910	third-party-advisory, x_refsource_SECUNIA
	http://www.php.net/ChangeLog-4.php	x_refsource_CONFIRM
	http://www.php.net/releases/5_2_4.php	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:089	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/25445	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2007-0163.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/usn-549-2	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/26642	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:088	vendor-advisory, x_refsource_MANDRIVA
	http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html	vendor-advisory, x_refsource_SUSE

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:50:35.022Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://launchpad.net/bugs/173043"
          },
          {
            "name": "22764",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/22764"
          },
          {
            "name": "RHSA-2007:0154",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
          },
          {
            "name": "26048",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26048"
          },
          {
            "name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
          },
          {
            "name": "GLSA-200705-19",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
          },
          {
            "name": "24941",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24941"
          },
          {
            "name": "27864",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27864"
          },
          {
            "name": "RHSA-2007:0162",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://us2.php.net/releases/4_4_7.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/releases/4_4_8.php"
          },
          {
            "name": "SSA:2008-045-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.335136"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-5.php#5.2.4"
          },
          {
            "name": "28936",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28936"
          },
          {
            "name": "MDKSA-2007:090",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.php-security.org/MOPB/MOPB-03-2007.html"
          },
          {
            "name": "USN-549-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/549-1/"
          },
          {
            "name": "24909",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24909"
          },
          {
            "name": "MDKSA-2007:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
          },
          {
            "name": "24945",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24945"
          },
          {
            "name": "oval:org.mitre.oval:def:11017",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11017"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1268"
          },
          {
            "name": "32769",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/32769"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://us2.php.net/releases/5_2_2.php"
          },
          {
            "name": "1017771",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017771"
          },
          {
            "name": "RHSA-2007:0082",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0082.html"
          },
          {
            "name": "24924",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24924"
          },
          {
            "name": "RHSA-2007:0155",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
          },
          {
            "name": "24910",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24910"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/ChangeLog-4.php"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.php.net/releases/5_2_4.php"
          },
          {
            "name": "MDKSA-2007:089",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
          },
          {
            "name": "25445",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25445"
          },
          {
            "name": "RHSA-2007:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
          },
          {
            "name": "USN-549-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-549-2"
          },
          {
            "name": "26642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26642"
          },
          {
            "name": "MDKSA-2007:088",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
          },
          {
            "name": "SUSE-SA:2007:044",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-03-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://launchpad.net/bugs/173043"
        },
        {
          "name": "22764",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/22764"
        },
        {
          "name": "RHSA-2007:0154",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
        },
        {
          "name": "26048",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26048"
        },
        {
          "name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
        },
        {
          "name": "GLSA-200705-19",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
        },
        {
          "name": "24941",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24941"
        },
        {
          "name": "27864",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27864"
        },
        {
          "name": "RHSA-2007:0162",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://us2.php.net/releases/4_4_7.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/releases/4_4_8.php"
        },
        {
          "name": "SSA:2008-045-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.335136"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-5.php#5.2.4"
        },
        {
          "name": "28936",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28936"
        },
        {
          "name": "MDKSA-2007:090",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.php-security.org/MOPB/MOPB-03-2007.html"
        },
        {
          "name": "USN-549-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/549-1/"
        },
        {
          "name": "24909",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24909"
        },
        {
          "name": "MDKSA-2007:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
        },
        {
          "name": "24945",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24945"
        },
        {
          "name": "oval:org.mitre.oval:def:11017",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11017"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1268"
        },
        {
          "name": "32769",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/32769"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://us2.php.net/releases/5_2_2.php"
        },
        {
          "name": "1017771",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017771"
        },
        {
          "name": "RHSA-2007:0082",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0082.html"
        },
        {
          "name": "24924",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24924"
        },
        {
          "name": "RHSA-2007:0155",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
        },
        {
          "name": "24910",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24910"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/ChangeLog-4.php"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.php.net/releases/5_2_4.php"
        },
        {
          "name": "MDKSA-2007:089",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
        },
        {
          "name": "25445",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25445"
        },
        {
          "name": "RHSA-2007:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
        },
        {
          "name": "USN-549-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-549-2"
        },
        {
          "name": "26642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26642"
        },
        {
          "name": "MDKSA-2007:088",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
        },
        {
          "name": "SUSE-SA:2007:044",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-1285",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://launchpad.net/bugs/173043",
              "refsource": "CONFIRM",
              "url": "https://launchpad.net/bugs/173043"
            },
            {
              "name": "22764",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/22764"
            },
            {
              "name": "RHSA-2007:0154",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
            },
            {
              "name": "26048",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26048"
            },
            {
              "name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
            },
            {
              "name": "GLSA-200705-19",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
            },
            {
              "name": "24941",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24941"
            },
            {
              "name": "27864",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27864"
            },
            {
              "name": "RHSA-2007:0162",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
            },
            {
              "name": "http://us2.php.net/releases/4_4_7.php",
              "refsource": "CONFIRM",
              "url": "http://us2.php.net/releases/4_4_7.php"
            },
            {
              "name": "http://www.php.net/releases/4_4_8.php",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/releases/4_4_8.php"
            },
            {
              "name": "SSA:2008-045-03",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.335136"
            },
            {
              "name": "http://www.php.net/ChangeLog-5.php#5.2.4",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/ChangeLog-5.php#5.2.4"
            },
            {
              "name": "28936",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28936"
            },
            {
              "name": "MDKSA-2007:090",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
            },
            {
              "name": "http://www.php-security.org/MOPB/MOPB-03-2007.html",
              "refsource": "MISC",
              "url": "http://www.php-security.org/MOPB/MOPB-03-2007.html"
            },
            {
              "name": "USN-549-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/549-1/"
            },
            {
              "name": "24909",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24909"
            },
            {
              "name": "MDKSA-2007:087",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
            },
            {
              "name": "24945",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24945"
            },
            {
              "name": "oval:org.mitre.oval:def:11017",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11017"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1268",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1268"
            },
            {
              "name": "32769",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/32769"
            },
            {
              "name": "http://us2.php.net/releases/5_2_2.php",
              "refsource": "CONFIRM",
              "url": "http://us2.php.net/releases/5_2_2.php"
            },
            {
              "name": "1017771",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017771"
            },
            {
              "name": "RHSA-2007:0082",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0082.html"
            },
            {
              "name": "24924",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24924"
            },
            {
              "name": "RHSA-2007:0155",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
            },
            {
              "name": "24910",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24910"
            },
            {
              "name": "http://www.php.net/ChangeLog-4.php",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/ChangeLog-4.php"
            },
            {
              "name": "http://www.php.net/releases/5_2_4.php",
              "refsource": "CONFIRM",
              "url": "http://www.php.net/releases/5_2_4.php"
            },
            {
              "name": "MDKSA-2007:089",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
            },
            {
              "name": "25445",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25445"
            },
            {
              "name": "RHSA-2007:0163",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
            },
            {
              "name": "USN-549-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-549-2"
            },
            {
              "name": "26642",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26642"
            },
            {
              "name": "MDKSA-2007:088",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
            },
            {
              "name": "SUSE-SA:2007:044",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-1285",
    "datePublished": "2007-03-06T20:00:00",
    "dateReserved": "2007-03-06T00:00:00",
    "dateUpdated": "2024-08-07T12:50:35.022Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-1711

Vulnerability from cvelistv5

Published

2007-03-27 01:00

Modified

2024-08-07 13:06

Severity ?

Summary

Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701 (MOPB-31-2007).

References

▼	URL	Tags
	http://www.vupen.com/english/advisories/2007/2732	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/23121	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2007/dsa-1283	vendor-advisory, x_refsource_DEBIAN
	http://rhn.redhat.com/errata/RHSA-2007-0154.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/archive/1/466166/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html	vendor-advisory, x_refsource_APPLE
	http://security.gentoo.org/glsa/glsa-200705-19.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/24941	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/25062	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10406	vdb-entry, signature, x_refsource_OVAL
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:087	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/24945	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2007/dsa-1282	vendor-advisory, x_refsource_DEBIAN
	https://issues.rpath.com/browse/RPL-1268	x_refsource_CONFIRM
	http://docs.info.apple.com/article.html?artnum=306172	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/33575	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/24924	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2007-0155.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/24910	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/25159	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/25445	third-party-advisory, x_refsource_SECUNIA
	http://www.php-security.org/MOPB/MOPB-32-2007.html	x_refsource_MISC
	http://rhn.redhat.com/errata/RHSA-2007-0163.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/25025	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:088	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/26235	third-party-advisory, x_refsource_SECUNIA

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:06:25.850Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2007-2732",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2732"
          },
          {
            "name": "23121",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23121"
          },
          {
            "name": "DSA-1283",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1283"
          },
          {
            "name": "RHSA-2007:0154",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
          },
          {
            "name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
          },
          {
            "name": "APPLE-SA-2007-07-31",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
          },
          {
            "name": "GLSA-200705-19",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
          },
          {
            "name": "24941",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24941"
          },
          {
            "name": "25062",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25062"
          },
          {
            "name": "oval:org.mitre.oval:def:10406",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10406"
          },
          {
            "name": "MDKSA-2007:087",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
          },
          {
            "name": "24945",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24945"
          },
          {
            "name": "DSA-1282",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1282"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1268"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=306172"
          },
          {
            "name": "php-deserializer-code-execution(33575)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33575"
          },
          {
            "name": "24924",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24924"
          },
          {
            "name": "RHSA-2007:0155",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
          },
          {
            "name": "24910",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24910"
          },
          {
            "name": "25159",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25159"
          },
          {
            "name": "25445",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25445"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.php-security.org/MOPB/MOPB-32-2007.html"
          },
          {
            "name": "RHSA-2007:0163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
          },
          {
            "name": "25025",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25025"
          },
          {
            "name": "MDKSA-2007:088",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
          },
          {
            "name": "26235",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26235"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-03-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION.  NOTE: this issue was introduced when attempting to patch CVE-2007-1701 (MOPB-31-2007)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2007-2732",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2732"
        },
        {
          "name": "23121",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23121"
        },
        {
          "name": "DSA-1283",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1283"
        },
        {
          "name": "RHSA-2007:0154",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
        },
        {
          "name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
        },
        {
          "name": "APPLE-SA-2007-07-31",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
        },
        {
          "name": "GLSA-200705-19",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
        },
        {
          "name": "24941",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24941"
        },
        {
          "name": "25062",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25062"
        },
        {
          "name": "oval:org.mitre.oval:def:10406",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10406"
        },
        {
          "name": "MDKSA-2007:087",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
        },
        {
          "name": "24945",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24945"
        },
        {
          "name": "DSA-1282",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1282"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1268"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=306172"
        },
        {
          "name": "php-deserializer-code-execution(33575)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33575"
        },
        {
          "name": "24924",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24924"
        },
        {
          "name": "RHSA-2007:0155",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
        },
        {
          "name": "24910",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24910"
        },
        {
          "name": "25159",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25159"
        },
        {
          "name": "25445",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25445"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.php-security.org/MOPB/MOPB-32-2007.html"
        },
        {
          "name": "RHSA-2007:0163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
        },
        {
          "name": "25025",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25025"
        },
        {
          "name": "MDKSA-2007:088",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
        },
        {
          "name": "26235",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26235"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-1711",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION.  NOTE: this issue was introduced when attempting to patch CVE-2007-1701 (MOPB-31-2007)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2007-2732",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2732"
            },
            {
              "name": "23121",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23121"
            },
            {
              "name": "DSA-1283",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1283"
            },
            {
              "name": "RHSA-2007:0154",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
            },
            {
              "name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
            },
            {
              "name": "APPLE-SA-2007-07-31",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
            },
            {
              "name": "GLSA-200705-19",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
            },
            {
              "name": "24941",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24941"
            },
            {
              "name": "25062",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25062"
            },
            {
              "name": "oval:org.mitre.oval:def:10406",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10406"
            },
            {
              "name": "MDKSA-2007:087",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
            },
            {
              "name": "24945",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24945"
            },
            {
              "name": "DSA-1282",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2007/dsa-1282"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1268",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1268"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=306172",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=306172"
            },
            {
              "name": "php-deserializer-code-execution(33575)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33575"
            },
            {
              "name": "24924",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24924"
            },
            {
              "name": "RHSA-2007:0155",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
            },
            {
              "name": "24910",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24910"
            },
            {
              "name": "25159",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25159"
            },
            {
              "name": "25445",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25445"
            },
            {
              "name": "http://www.php-security.org/MOPB/MOPB-32-2007.html",
              "refsource": "MISC",
              "url": "http://www.php-security.org/MOPB/MOPB-32-2007.html"
            },
            {
              "name": "RHSA-2007:0163",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
            },
            {
              "name": "25025",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25025"
            },
            {
              "name": "MDKSA-2007:088",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
            },
            {
              "name": "26235",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26235"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-1711",
    "datePublished": "2007-03-27T01:00:00",
    "dateReserved": "2007-03-26T00:00:00",
    "dateUpdated": "2024-08-07T13:06:25.850Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2007_0163

Vulnerability from csaf_redhat

cve-2007-1286

Vulnerability from cvelistv5

cve-2007-1285

Vulnerability from cvelistv5

cve-2007-1711

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature