4.3 - CVE-2007-0988

Executive Summary

Informations
Name	CVE-2007-0988	First vendor Publication	2007-02-20
Vendor	Cve	Last vendor Modification	2019-10-09

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Cvss Base Score	4.3	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an "a:2147483649:{" argument.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11092

Oval ID:	oval:org.mitre.oval:def:11092
Title:	The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an "a:2147483649:{" argument.
Description:	The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an "a:2147483649:{" argument.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2007-0988	Version:	5
Platform(s):	Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
OS Section: RHEL3, CentOS3 RHEL3 or CentOS3 The operating system installed on the system is Red Hat Enterprise Linux 3 AND CentOS Linux 3.x AND Configuration section php is earlier than 0:4.3.2-39.ent AND php-pgsql is earlier than 0:4.3.2-39.ent AND php-mysql is earlier than 0:4.3.2-39.ent AND php-ldap is earlier than 0:4.3.2-39.ent AND php-imap is earlier than 0:4.3.2-39.ent AND php-odbc is earlier than 0:4.3.2-39.ent AND php-devel is earlier than 0:4.3.2-39.ent OR OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4 The operating system installed on the system is Red Hat Enterprise Linux 4 AND CentOS Linux 4.x AND Oracle Linux 4.x AND Configuration section php-xmlrpc is earlier than 0:4.3.9-3.22.3 AND php-snmp is earlier than 0:4.3.9-3.22.3 AND php-domxml is earlier than 0:4.3.9-3.22.3 AND php-mysql is earlier than 0:4.3.9-3.22.3 AND php-imap is earlier than 0:4.3.9-3.22.3 AND php-gd is earlier than 0:4.3.9-3.22.3 AND php is earlier than 0:4.3.9-3.22.3 AND php-mbstring is earlier than 0:4.3.9-3.22.3 AND php-pgsql is earlier than 0:4.3.9-3.22.3 AND php-pear is earlier than 0:4.3.9-3.22.3 AND php-ldap is earlier than 0:4.3.9-3.22.3 AND php-odbc is earlier than 0:4.3.9-3.22.3 AND php-ncurses is earlier than 0:4.3.9-3.22.3 AND php-devel is earlier than 0:4.3.9-3.22.3 OR OS Section: RHEL5, CentOS5, Oracle Linux 5 RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section php-bcmath is earlier than 0:5.1.6-7.el5 AND php-soap is earlier than 0:5.1.6-7.el5 AND php-common is earlier than 0:5.1.6-7.el5 AND php-mysql is earlier than 0:5.1.6-7.el5 AND php-imap is earlier than 0:5.1.6-7.el5 AND php-gd is earlier than 0:5.1.6-7.el5 AND php is earlier than 0:5.1.6-7.el5 AND php-mbstring is earlier than 0:5.1.6-7.el5 AND php-pgsql is earlier than 0:5.1.6-7.el5 AND php-xml is earlier than 0:5.1.6-7.el5 AND php-ldap is earlier than 0:5.1.6-7.el5 AND php-odbc is earlier than 0:5.1.6-7.el5 AND php-ncurses is earlier than 0:5.1.6-7.el5 AND php-devel is earlier than 0:5.1.6-7.el5 AND php-xmlrpc is earlier than 0:5.1.6-7.el5 AND php-snmp is earlier than 0:5.1.6-7.el5 AND php-pdo is earlier than 0:5.1.6-7.el5 AND php-dba is earlier than 0:5.1.6-7.el5 AND php-cli is earlier than 0:5.1.6-7.el5

CPE : Common Platform Enumeration

Type	Description	Count
Application	Php cpe:2.3:a:php:php:5.2.0:::::::* cpe:2.3:a:php:php:5.2.0:rc1:::::: cpe:2.3:a:php:php:5.2.0:rc2:::::: cpe:2.3:a:php:php:5.2.0:rc3:::::: cpe:2.3:a:php:php:5.2.0:rc4:::::: cpe:2.3:a:php:php:5.2.0:rc5:::::: cpe:2.3:a:php:php:5.2.0:rc6:::::: cpe:2.3:a:php:php:5.1.6:::::::* cpe:2.3:a:php:php:5.1.5:-:::::: cpe:2.3:a:php:php:5.1.5:rc1:::::: cpe:2.3:a:php:php:5.1.4:::::::* cpe:2.3:a:php:php:5.1.3:::::::* cpe:2.3:a:php:php:5.1.3:rc1:::::: cpe:2.3:a:php:php:5.1.3:rc2:::::: cpe:2.3:a:php:php:5.1.3:rc3:::::: cpe:2.3:a:php:php:5.1.2:-:::::: cpe:2.3:a:php:php:5.1.2:rc1:::::: cpe:2.3:a:php:php:5.1.2:rc2:::::: cpe:2.3:a:php:php:5.1.1:::::::* cpe:2.3:a:php:php:5.1.0:-:::::: cpe:2.3:a:php:php:5.1.0:beta1:::::: cpe:2.3:a:php:php:5.1.0:beta2:::::: cpe:2.3:a:php:php:5.1.0:beta3:::::: cpe:2.3:a:php:php:5.1.0:rc1:::::: cpe:2.3:a:php:php:5.1.0:rc2:::::: cpe:2.3:a:php:php:5.1.0:rc2-pre:::::: cpe:2.3:a:php:php:5.1.0:rc3:::::: cpe:2.3:a:php:php:5.1.0:rc4:::::: cpe:2.3:a:php:php:5.1.0:rc5:::::: cpe:2.3:a:php:php:5.1.0:rc6:::::: cpe:2.3:a:php:php:5.0.5:-:::::: cpe:2.3:a:php:php:5.0.5:rc1:::::: cpe:2.3:a:php:php:5.0.5:rc2:::::: cpe:2.3:a:php:php:5.0.4:-:::::: cpe:2.3:a:php:php:5.0.4:rc1:::::: cpe:2.3:a:php:php:5.0.4:rc2:::::: cpe:2.3:a:php:php:5.0.3:-:::::: cpe:2.3:a:php:php:5.0.3:rc1:::::: cpe:2.3:a:php:php:5.0.3:rc2:::::: cpe:2.3:a:php:php:5.0.2:-:::::: cpe:2.3:a:php:php:5.0.2:rc1:::::: cpe:2.3:a:php:php:5.0.1:-:::::: cpe:2.3:a:php:php:5.0.1:beta1:::::: cpe:2.3:a:php:php:5.0.1:rc1:::::: cpe:2.3:a:php:php:5.0.1:rc2:::::: cpe:2.3:a:php:php:5.0.0:beta3:::::: cpe:2.3:a:php:php:5.0.0:rc3:::::: cpe:2.3:a:php:php:5.0.0:beta1:::::: cpe:2.3:a:php:php:5.0.0:beta4:::::: cpe:2.3:a:php:php:5.0.0:rc1:::::: cpe:2.3:a:php:php:5.0.0:beta2:::::: cpe:2.3:a:php:php:5.0.0:rc2:::::: cpe:2.3:a:php:php:5.0.0:-:::::: cpe:2.3:a:php:php:5.0:rc1:::::: cpe:2.3:a:php:php:5.0:rc3:::::: cpe:2.3:a:php:php:5.0:rc2:::::: cpe:2.3:a:php:php:5:::::::* cpe:2.3:a:php:php:4.4.9:-:::::: cpe:2.3:a:php:php:4.4.9:rc1:::::: cpe:2.3:a:php:php:4.4.8:-:::::: cpe:2.3:a:php:php:4.4.8:rc1:::::: cpe:2.3:a:php:php:4.4.7:-:::::: cpe:2.3:a:php:php:4.4.7:rc1:::::: cpe:2.3:a:php:php:4.4.6:-:::::: cpe:2.3:a:php:php:4.4.6:rc1:::::: cpe:2.3:a:php:php:4.4.5:-:::::: cpe:2.3:a:php:php:4.4.5:rc1:::::: cpe:2.3:a:php:php:4.4.5:rc2:::::: cpe:2.3:a:php:php:4.4.4:-:::::: cpe:2.3:a:php:php:4.4.4:rc1:::::: cpe:2.3:a:php:php:4.4.3:-:::::: cpe:2.3:a:php:php:4.4.3:rc1:::::: cpe:2.3:a:php:php:4.4.3:rc2:::::: cpe:2.3:a:php:php:4.4.2:-:::::: cpe:2.3:a:php:php:4.4.2:rc1:::::: cpe:2.3:a:php:php:4.4.2:rc2:::::: cpe:2.3:a:php:php:4.4.1:-:::::: cpe:2.3:a:php:php:4.4.1:rc1:::::: cpe:2.3:a:php:php:4.4.0:-:::::: cpe:2.3:a:php:php:4.4.0:rc1:::::: cpe:2.3:a:php:php:4.4.0:rc2:::::: cpe:2.3:a:php:php:4.3.9:::::::* cpe:2.3:a:php:php:4.3.9:rc1:::::: cpe:2.3:a:php:php:4.3.9:rc2:::::: cpe:2.3:a:php:php:4.3.9:rc3:::::: cpe:2.3:a:php:php:4.3.8:::::::* cpe:2.3:a:php:php:4.3.7:-:::::: cpe:2.3:a:php:php:4.3.7:rc1:::::: cpe:2.3:a:php:php:4.3.6:-:::::: cpe:2.3:a:php:php:4.3.6:rc1:::::: cpe:2.3:a:php:php:4.3.6:rc2:::::: cpe:2.3:a:php:php:4.3.6:rc3:::::: cpe:2.3:a:php:php:4.3.5:-:::::: cpe:2.3:a:php:php:4.3.5:rc1:::::: cpe:2.3:a:php:php:4.3.5:rc2:::::: cpe:2.3:a:php:php:4.3.5:rc3:::::: cpe:2.3:a:php:php:4.3.5:rc4:::::: cpe:2.3:a:php:php:4.3.4:-:::::: cpe:2.3:a:php:php:4.3.4:rc1:::::: cpe:2.3:a:php:php:4.3.4:rc2:::::: cpe:2.3:a:php:php:4.3.4:rc3:::::: cpe:2.3:a:php:php:4.3.3:-:::::: cpe:2.3:a:php:php:4.3.3:rc1:::::: cpe:2.3:a:php:php:4.3.3:rc2:::::: cpe:2.3:a:php:php:4.3.3:rc3:::::: cpe:2.3:a:php:php:4.3.3:rc4:::::: cpe:2.3:a:php:php:4.3.2:-:::::: cpe:2.3:a:php:php:4.3.2:rc1:::::: cpe:2.3:a:php:php:4.3.2:rc2:::::: cpe:2.3:a:php:php:4.3.2:rc3:::::: cpe:2.3:a:php:php:4.3.2:rc4:::::: cpe:2.3:a:php:php:4.3.11:-:::::: cpe:2.3:a:php:php:4.3.11:rc1:::::: cpe:2.3:a:php:php:4.3.11:rc2:::::: cpe:2.3:a:php:php:4.3.10:-:::::: cpe:2.3:a:php:php:4.3.10:rc1:::::: cpe:2.3:a:php:php:4.3.10:rc2:::::: cpe:2.3:a:php:php:4.3.1:::::::* cpe:2.3:a:php:php:4.3.0:-:::::: cpe:2.3:a:php:php:4.3.0:alpha1:::::: cpe:2.3:a:php:php:4.3.0:alpha2:::::: cpe:2.3:a:php:php:4.3.0:alpha3:::::: cpe:2.3:a:php:php:4.3.0:dev:::::: cpe:2.3:a:php:php:4.3.0:pre1:::::: cpe:2.3:a:php:php:4.3.0:pre2:::::: cpe:2.3:a:php:php:4.3.0:rc1:::::: cpe:2.3:a:php:php:4.3.0:rc2:::::: cpe:2.3:a:php:php:4.3.0:rc3:::::: cpe:2.3:a:php:php:4.3.0:rc4:::::: cpe:2.3:a:php:php:4.2.3:-:::::: cpe:2.3:a:php:php:4.2.3:rc1:::::: cpe:2.3:a:php:php:4.2.3:rc2:::::: cpe:2.3:a:php:php:4.2.2:::::::* cpe:2.3:a:php:php:4.2.1:-:::::: cpe:2.3:a:php:php:4.2.1:rc1:::::: cpe:2.3:a:php:php:4.2.1:rc2:::::: cpe:2.3:a:php:php:4.2.0:-:::::: cpe:2.3:a:php:php:4.2.0:rc1:::::: cpe:2.3:a:php:php:4.2.0:rc2:::::: cpe:2.3:a:php:php:4.2.0:rc3:::::: cpe:2.3:a:php:php:4.2.0:rc4:::::: cpe:2.3:a:php:php:4.2::dev::::: cpe:2.3:a:php:php:4.1.2:::::::* cpe:2.3:a:php:php:4.1.1:::::::* cpe:2.3:a:php:php:4.1.0:-:::::: cpe:2.3:a:php:php:4.1.0:rc1:::::: cpe:2.3:a:php:php:4.1.0:rc2:::::: cpe:2.3:a:php:php:4.1.0:rc3:::::: cpe:2.3:a:php:php:4.1.0:rc4:::::: cpe:2.3:a:php:php:4.1.0:rc5:::::: cpe:2.3:a:php:php:4.0.7:rc3:::::: cpe:2.3:a:php:php:4.0.7:rc2:::::: cpe:2.3:a:php:php:4.0.7:rc4:::::: cpe:2.3:a:php:php:4.0.7:rc1:::::: cpe:2.3:a:php:php:4.0.7:-:::::: cpe:2.3:a:php:php:4.0.6:-:::::: cpe:2.3:a:php:php:4.0.6:rc1:::::: cpe:2.3:a:php:php:4.0.6:rc2:::::: cpe:2.3:a:php:php:4.0.6:rc3:::::: cpe:2.3:a:php:php:4.0.6:rc4:::::: cpe:2.3:a:php:php:4.0.5:-:::::: cpe:2.3:a:php:php:4.0.5:rc1:::::: cpe:2.3:a:php:php:4.0.5:rc2:::::: cpe:2.3:a:php:php:4.0.5:rc3:::::: cpe:2.3:a:php:php:4.0.5:rc4:::::: cpe:2.3:a:php:php:4.0.5:rc5:::::: cpe:2.3:a:php:php:4.0.5:rc6:::::: cpe:2.3:a:php:php:4.0.5:rc7:::::: cpe:2.3:a:php:php:4.0.5:rc8:::::: cpe:2.3:a:php:php:4.0.4pl1:::::::* cpe:2.3:a:php:php:4.0.4:patch1:::::: cpe:2.3:a:php:php:4.0.4:-:::::: cpe:2.3:a:php:php:4.0.4:rc1:::::: cpe:2.3:a:php:php:4.0.4:rc2:::::: cpe:2.3:a:php:php:4.0.4:rc3:::::: cpe:2.3:a:php:php:4.0.4:rc4:::::: cpe:2.3:a:php:php:4.0.4:rc5:::::: cpe:2.3:a:php:php:4.0.4:rc6:::::: cpe:2.3:a:php:php:4.0.3:::::::* cpe:2.3:a:php:php:4.0.3:patch1:::::: cpe:2.3:a:php:php:4.0.3:rc1:::::: cpe:2.3:a:php:php:4.0.3:rc2:::::: cpe:2.3:a:php:php:4.0.2:::::::* cpe:2.3:a:php:php:4.0.2:rc1:::::: cpe:2.3:a:php:php:4.0.1:patch2:::::: cpe:2.3:a:php:php:4.0.1:patch1:::::: cpe:2.3:a:php:php:4.0.1:-:::::: cpe:2.3:a:php:php:4.0.1:rc:::::: cpe:2.3:a:php:php:4.0.1:rc2:::::: cpe:2.3:a:php:php:4.0.0:::::::* cpe:2.3:a:php:php:4.0:beta1:::::: cpe:2.3:a:php:php:4.0:beta2:::::: cpe:2.3:a:php:php:4.0:beta3:::::: cpe:2.3:a:php:php:4.0:beta4:::::: cpe:2.3:a:php:php:4.0:beta_4_patch1:::::: cpe:2.3:a:php:php:4.0:rc1:::::: cpe:2.3:a:php:php:4.0:rc2:::::: cpe:2.3:a:php:php:4.0:-:::::: cpe:2.3:a:php:php:4:::::::* cpe:2.3:a:php:php:3.0.9:::::::* cpe:2.3:a:php:php:3.0.8:::::::* cpe:2.3:a:php:php:3.0.7:::::::* cpe:2.3:a:php:php:3.0.6:::::::* cpe:2.3:a:php:php:3.0.5:::::::* cpe:2.3:a:php:php:3.0.4:::::::* cpe:2.3:a:php:php:3.0.3:::::::* cpe:2.3:a:php:php:3.0.2:::::::* cpe:2.3:a:php:php:3.0.18:::::::* cpe:2.3:a:php:php:3.0.17:::::::* cpe:2.3:a:php:php:3.0.16:::::::* cpe:2.3:a:php:php:3.0.15:::::::* cpe:2.3:a:php:php:3.0.14:::::::* cpe:2.3:a:php:php:3.0.13:::::::* cpe:2.3:a:php:php:3.0.12:::::::* cpe:2.3:a:php:php:3.0.11:::::::* cpe:2.3:a:php:php:3.0.10:::::::* cpe:2.3:a:php:php:3.0.1:::::::* cpe:2.3:a:php:php:3.0:::::::* cpe:2.3:a:php:php:2.0b10:::::::* cpe:2.3:a:php:php:2.0.2:::::::* cpe:2.3:a:php:php:2.0.1:::::::* cpe:2.3:a:php:php:2.0.0:-:::::: cpe:2.3:a:php:php:2.0.0:alpha1:::::: cpe:2.3:a:php:php:2.0.0:alpha2:::::: cpe:2.3:a:php:php:2.0.0:beta1:::::: cpe:2.3:a:php:php:2.0.0:rc1:::::: cpe:2.3:a:php:php:2.0:::::::* cpe:2.3:a:php:php:1.5:::::::* cpe:2.3:a:php:php:1.4:::::::* cpe:2.3:a:php:php:1.3.5:::::::* cpe:2.3:a:php:php:1.3.1:::::::* cpe:2.3:a:php:php:1.3:-:::::: cpe:2.3:a:php:php:1.3:beta2:::::: cpe:2.3:a:php:php:1.3:beta3:::::: cpe:2.3:a:php:php:1.3:beta6:::::: cpe:2.3:a:php:php:1.2.5:::::::* cpe:2.3:a:php:php:1.2.4:::::::* cpe:2.3:a:php:php:1.2.3:::::::* cpe:2.3:a:php:php:1.2.2:::::::* cpe:2.3:a:php:php:1.2.1:::::::* cpe:2.3:a:php:php:1.2.0:::::::* cpe:2.3:a:php:php:1.2:::::::* cpe:2.3:a:php:php:1.1.1:::::::* cpe:2.3:a:php:php:1.1.0:::::::* cpe:2.3:a:php:php:1.1:::::::* cpe:2.3:a:php:php:1.0.4:::::::* cpe:2.3:a:php:php:1.0.3:::::::* cpe:2.3:a:php:php:1.0.2:::::::* cpe:2.3:a:php:php:1.0.1:::::::* cpe:2.3:a:php:php:1.0.0:-:::::: cpe:2.3:a:php:php:1.0.0:rc1:::::: cpe:2.3:a:php:php:1.0:beta1:::::: cpe:2.3:a:php:php:1.0:beta2:::::: cpe:2.3:a:php:php:1.0:beta3:::::: cpe:2.3:a:php:php:1.0:rc1:::::: cpe:2.3:a:php:php:1.0:rc2:::::: cpe:2.3:a:php:php:0.91:::::::* cpe:2.3:a:php:php:0.90:::::::* cpe:2.3:a:php:php:0.9.4:::::::* cpe:2.3:a:php:php:0.9.3:::::::* cpe:2.3:a:php:php:0.9.2:::::::* cpe:2.3:a:php:php:0.9.1:::::::* cpe:2.3:a:php:php:0.9.0:::::::* cpe:2.3:a:php:php:0.9:::::::* cpe:2.3:a:php:php:0.7:::::::* cpe:2.3:a:php:php:0.6:::::::* cpe:2.3:a:php:php:0.5.3:::::::* cpe:2.3:a:php:php:0.5.2:::::::* cpe:2.3:a:php:php:0.5:::::::* cpe:2.3:a:php:php:0.4:::::::* cpe:2.3:a:php:php:0.3:::::::* cpe:2.3:a:php:php:0.2.4:::::::* cpe:2.3:a:php:php:0.2.3:::::::* cpe:2.3:a:php:php:0.2.2:::::::* cpe:2.3:a:php:php:0.2.1:::::::* cpe:2.3:a:php:php:0.2.0:::::::* cpe:2.3:a:php:php:0.2:::::::* cpe:2.3:a:php:php:0.11:::::::* cpe:2.3:a:php:php:0.10:::::::* cpe:2.3:a:php:php:0.1.1:::::::* cpe:2.3:a:php:php:0.1:::::::* cpe:2.3:a:php:php:::::::: cpe:2.3:a:php:php:-:::::::*	283
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:6.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts::: cpe:2.3:o:canonical:ubuntu_linux:5.10:::::::*	3

OpenVAS Exploits

Date	Description
2012-06-21	Name : PHP version smaller than 4.4.5 File : nvt/nopsec_php_4_4_5.nasl
2012-06-21	Name : PHP version smaller than 5.2.1 File : nvt/nopsec_php_5_2_1.nasl
2010-04-23	Name : PHP 5.2.0 and Prior Versions Multiple Vulnerabilities File : nvt/gb_php_22496.nasl
2009-10-10	Name : SLES9: Security update for PHP4 File : nvt/sles9p5017282.nasl
2009-04-09	Name : Mandriva Update for php MDKSA-2007:048 (php) File : nvt/gb_mandriva_MDKSA_2007_048.nasl
2009-03-23	Name : Ubuntu Update for php5 vulnerabilities USN-424-1 File : nvt/gb_ubuntu_USN_424_1.nasl
2009-03-23	Name : Ubuntu Update for php5 regression USN-424-2 File : nvt/gb_ubuntu_USN_424_2.nasl
2009-02-27	Name : Fedora Update for php FEDORA-2007-261 File : nvt/gb_fedora_2007_261_php_fc6.nasl
2009-02-27	Name : Fedora Update for php FEDORA-2007-287 File : nvt/gb_fedora_2007_287_php_fc5.nasl
2009-02-27	Name : Fedora Update for php FEDORA-2007-455 File : nvt/gb_fedora_2007_455_php_fc5.nasl
2009-02-27	Name : Fedora Update for php FEDORA-2007-526 File : nvt/gb_fedora_2007_526_php_fc5.nasl
2009-01-28	Name : SuSE Update for php4,php5 SUSE-SA:2007:032 File : nvt/gb_suse_2007_032.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200703-21 (php) File : nvt/glsa_200703_21.nasl
2008-09-04	Name : php -- multiple vulnerabilities File : nvt/freebsd_php5-imap.nasl
2008-01-17	Name : Debian Security Advisory DSA 1264-1 (php4) File : nvt/deb_1264_1.nasl
0000-00-00	Name : Slackware Advisory SSA:2007-053-01 php File : nvt/esoft_slk_ssa_2007_053_01.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
32762	PHP on 64-bit zend_hash_init Function Remote DoS PHP contains a flaw that may all a context-dependent attacker to deny service. The issue occurs on 64-bit platforms when the zend_hash_init function unserializing certain expressions causing 32-bit arguments to be used after the check for a negative value. This may cause the application to enter an infinite loop and require a restart.

Nessus® Vulnerability Scanner

Date	Description
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0076.nasl - Type : ACT_GATHER_INFO
2007-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_apache2-mod_php5-3290.nasl - Type : ACT_GATHER_INFO
2007-11-10	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-424-2.nasl - Type : ACT_GATHER_INFO
2007-11-10	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-424-1.nasl - Type : ACT_GATHER_INFO
2007-10-17	Name : The remote openSUSE host is missing a security update. File : suse_apache2-mod_php5-3289.nasl - Type : ACT_GATHER_INFO
2007-05-25	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0082.nasl - Type : ACT_GATHER_INFO
2007-04-02	Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_4_4_5.nasl - Type : ACT_GATHER_INFO
2007-04-02	Name : The remote web server uses a version of PHP that is affected by multiple flaws. File : php_5_2_1.nasl - Type : ACT_GATHER_INFO
2007-03-26	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200703-21.nasl - Type : ACT_GATHER_INFO
2007-03-12	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1264.nasl - Type : ACT_GATHER_INFO
2007-02-27	Name : The remote Fedora Core host is missing a security update. File : fedora_2007-287.nasl - Type : ACT_GATHER_INFO
2007-02-23	Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-048.nasl - Type : ACT_GATHER_INFO
2007-02-23	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-053-01.nasl - Type : ACT_GATHER_INFO
2007-02-23	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0081.nasl - Type : ACT_GATHER_INFO
2007-02-23	Name : The remote Fedora Core host is missing a security update. File : fedora_2007-261.nasl - Type : ACT_GATHER_INFO
2007-02-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0076.nasl - Type : ACT_GATHER_INFO
2007-02-21	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0076.nasl - Type : ACT_GATHER_INFO
2007-02-18	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_7fcf1727be7111dbb2ec000c6ec775d9.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
BUGTRAQ	http://www.securityfocus.com/archive/1/461462/100/0/threaded
CONFIRM	http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm https://issues.rpath.com/browse/RPL-1088
DEBIAN	http://www.us.debian.org/security/2007/dsa-1264
GENTOO	http://security.gentoo.org/glsa/glsa-200703-21.xml
HP	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=... http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=...
MANDRIVA	http://www.mandriva.com/security/advisories?name=MDKSA-2007:048
MISC	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228858 http://www.php-security.org/MOPB/MOPB-05-2007.html http://www.php.net/releases/5_2_1.php
OPENPKG	http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html
OSVDB	http://osvdb.org/32762
OVAL	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT	http://rhn.redhat.com/errata/RHSA-2007-0089.html http://www.redhat.com/support/errata/RHSA-2007-0076.html http://www.redhat.com/support/errata/RHSA-2007-0081.html http://www.redhat.com/support/errata/RHSA-2007-0082.html http://www.redhat.com/support/errata/RHSA-2007-0088.html
SECTRACK	http://www.securitytracker.com/id?1017671
SECUNIA	http://secunia.com/advisories/24195 http://secunia.com/advisories/24217 http://secunia.com/advisories/24236 http://secunia.com/advisories/24248 http://secunia.com/advisories/24284 http://secunia.com/advisories/24295 http://secunia.com/advisories/24322 http://secunia.com/advisories/24419 http://secunia.com/advisories/24421 http://secunia.com/advisories/24432 http://secunia.com/advisories/24606 http://secunia.com/advisories/24642 http://secunia.com/advisories/25056 http://secunia.com/advisories/25423 http://secunia.com/advisories/25850
SGI	ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
SREASON	http://securityreason.com/securityalert/2315
SUSE	http://www.novell.com/linux/security/advisories/2007_32_php.html
TRUSTIX	http://www.trustix.org/errata/2007/0009/
UBUNTU	http://www.ubuntu.com/usn/usn-424-1 http://www.ubuntu.com/usn/usn-424-2
VUPEN	http://www.vupen.com/english/advisories/2007/1991 http://www.vupen.com/english/advisories/2007/2374
XF	https://exchange.xforce.ibmcloud.com/vulnerabilities/32709

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-02-02 01:06:01	Multiple Updates
2024-02-01 12:02:11	Multiple Updates
2023-09-05 12:05:37	Multiple Updates
2023-09-05 01:02:02	Multiple Updates
2023-09-02 12:05:42	Multiple Updates
2023-09-02 01:02:03	Multiple Updates
2023-08-12 12:06:41	Multiple Updates
2023-08-12 01:02:03	Multiple Updates
2023-08-11 12:05:46	Multiple Updates
2023-08-11 01:02:06	Multiple Updates
2023-08-06 12:05:29	Multiple Updates
2023-08-06 01:02:04	Multiple Updates
2023-08-04 12:05:35	Multiple Updates
2023-08-04 01:02:07	Multiple Updates
2023-07-14 12:05:33	Multiple Updates
2023-07-14 01:02:05	Multiple Updates
2023-03-29 01:06:13	Multiple Updates
2023-03-28 12:02:10	Multiple Updates
2022-10-11 12:04:54	Multiple Updates
2022-10-11 01:01:55	Multiple Updates
2021-05-04 12:05:53	Multiple Updates
2021-04-22 01:06:25	Multiple Updates
2020-05-23 01:37:51	Multiple Updates
2020-05-23 00:19:18	Multiple Updates
2019-10-10 05:19:25	Multiple Updates
2019-06-08 12:02:00	Multiple Updates
2019-03-19 12:02:22	Multiple Updates
2018-11-30 12:02:00	Multiple Updates
2018-10-31 00:19:47	Multiple Updates
2018-10-20 00:19:36	Multiple Updates
2018-10-16 21:19:50	Multiple Updates
2018-10-04 12:04:37	Multiple Updates
2017-10-11 09:23:51	Multiple Updates
2017-07-29 12:02:02	Multiple Updates
2016-10-05 01:00:29	Multiple Updates
2016-06-28 16:12:43	Multiple Updates
2016-04-27 09:26:12	Multiple Updates
2016-04-26 15:46:53	Multiple Updates
2014-02-17 10:39:10	Multiple Updates
2013-05-11 10:19:27	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	1
CPE ID(s)	286
Sources(s)	45
osvdb(s)	1
Openvas Exploit(s)	16
Nessus® Exploit(s)	18

	Related
10	USN-424-2
10	USN-424-1
10	RHSA-2007:0088
10	RHSA-2007:0082
10	RHSA-2007:0081
10	RHSA-2007:0076
10	DSA-1264
7.5	HPSBTU02232 SSR...
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 8 more Alert(s)

4.3 - CVE-2007-0988

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU