QwikSec

Security Database

CVE

CWE

Training

CVE-2007-0906

Published: Feb 13, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_DEBIAN

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_TRUSTIX

OpenPKG-SA-2007.010

vendor-advisory

x_refsource_OPENPKG

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_SECTRACK

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_OSVDB

third-party-advisory

x_refsource_SECUNIA

20070418 rPSA-2007-0073-1 php php-mysql php-pgsql

mailing-list

x_refsource_BUGTRAQ

third-party-advisory

x_refsource_SECUNIA

http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm

x_refsource_CONFIRM

vdb-entry

x_refsource_OSVDB

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_OSVDB

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_BID

https://issues.rpath.com/browse/RPL-1088

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_UBUNTU

vdb-entry

x_refsource_OSVDB

http://www.php.net/releases/5_2_1.php

x_refsource_CONFIRM

vdb-entry

x_refsource_OSVDB

vendor-advisory

x_refsource_GENTOO

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

SUSE-SA:2007:020

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

https://issues.rpath.com/browse/RPL-1268

x_refsource_CONFIRM

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_OSVDB

20070227 rPSA-2007-0043-1 php php-mysql php-pgsql

mailing-list

x_refsource_BUGTRAQ

http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_OSVDB

http://www.php.net/ChangeLog-5.php#5.2.1

x_refsource_CONFIRM

vendor-advisory

x_refsource_MANDRIVA

oval:org.mitre.oval:def:8992

vdb-entry

signature

x_refsource_OVAL

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

SUSE-SA:2007:044

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.