CVE-2007-4657
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an out-of-bounds read. NOTE: this affects different product versions than CVE-2007-3996.
Múltiples desbordamientos de entero en PHP 4 anterior a 4.4.8, y PHP 5 anterior a 5.2.4, permite a atacantes remotos obtener información sensible (contenido de memoria) o provocar denegación de servicio (caida de hilo) a través de un valor de len grande en la función (1) strspn o (2) strcspn, lo cual dispara un lectura fuera de límite. NOTA: estos afecta a diferentes versiones de producto que al CVE-2007-3996.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-09-04 CVE Reserved
- 2007-09-04 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-15 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-189: Numeric Errors
CAPEC
References (29)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.php.net/ChangeLog-5.php#5.2.4 | 2018-10-26 |
| URL | Date | SRC |
|---|---|---|
| http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136 | 2018-10-26 | |
| http://www.debian.org/security/2008/dsa-1444 | 2018-10-26 | |
| http://www.debian.org/security/2008/dsa-1578 | 2018-10-26 | |
| http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml | 2018-10-26 | |
| http://www.php.net/ChangeLog-4.php | 2018-10-26 | |
| http://www.php.net/releases/4_4_8.php | 2018-10-26 | |
| http://www.php.net/releases/5_2_4.php | 2018-10-26 | |
| http://www.trustix.org/errata/2007/0026 | 2018-10-26 | |
| http://www.ubuntu.com/usn/usn-549-2 | 2018-10-26 | |
| https://usn.ubuntu.com/549-1 | 2018-10-26 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | >= 4.0.0 < 4.4.8 Search vendor "Php" for product "Php" and version " >= 4.0.0 < 4.4.8" | - |
Affected
| ||||||
| Php Search vendor "Php" | Php Search vendor "Php" for product "Php" | >= 5.0.0 < 5.2.4 Search vendor "Php" for product "Php" and version " >= 5.0.0 < 5.2.4" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 3.1 Search vendor "Debian" for product "Debian Linux" and version "3.1" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 4.0 Search vendor "Debian" for product "Debian Linux" and version "4.0" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 6.06 Search vendor "Canonical" for product "Ubuntu Linux" and version "6.06" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 6.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "6.10" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 7.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "7.04" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 7.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "7.10" | - |
Affected
| ||||||