QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-2728

Back to search

CVE-2007-2728

Published: May 16, 2007

Modified: Aug 29, 2024

PUBLISHED

Description

The soap extension in PHP calls php_rand_r with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcrypt_create_iv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid security issue.

VendorProductVersions

n/a

n/a

affected
n/a

References

25306
third-party-advisory
ADV-2007-1839
vdb-entry
USN-485-1
vendor-advisory
MDKSA-2007:187
vendor-advisory
26895
third-party-advisory
26102
third-party-advisory
36086
vdb-entry
SUSE-SR:2007:015
vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now