Back to search
CVE-2007-3806
Published: Jul 17, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter, probably related to memory corruption or an invalid read on win32 platforms, and possibly related to lack of initialization for a glob structure.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
30288
third-party-advisory
x_refsource_SECUNIA
36085
vdb-entry
x_refsource_OSVDB
ADV-2007-2547
vdb-entry
x_refsource_VUPEN
php-glob-security-bypass(35437)
vdb-entry
x_refsource_XF
4181
exploit
x_refsource_EXPLOIT-DB
DSA-1572
vendor-advisory
x_refsource_DEBIAN
GLSA-200710-02
vendor-advisory
x_refsource_GENTOO
http://www.php.net/ChangeLog-5.php#5.2.4
x_refsource_CONFIRM
30158
third-party-advisory
x_refsource_SECUNIA
26085
third-party-advisory
x_refsource_SECUNIA
DSA-1578
vendor-advisory
x_refsource_DEBIAN
27102
third-party-advisory
x_refsource_SECUNIA
http://www.php.net/releases/5_2_4.php
x_refsource_CONFIRM
24922
vdb-entry
x_refsource_BID
25498
vdb-entry
x_refsource_BID
26642
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now