CVE-2007-5898

Published: Nov 20, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.php.net/ChangeLog-5.php#5.2.5

x_refsource_CONFIRM

https://launchpad.net/bugs/173043

x_refsource_CONFIRM

RHSA-2008:0546

vendor-advisory

x_refsource_REDHAT

FEDORA-2008-3864

vendor-advisory

x_refsource_FEDORA

SUSE-SA:2008:004

vendor-advisory

x_refsource_SUSE

https://issues.rpath.com/browse/RPL-1943

x_refsource_CONFIRM

28658

third-party-advisory

x_refsource_SECUNIA

30828

third-party-advisory

x_refsource_SECUNIA

DSA-1444

vendor-advisory

x_refsource_DEBIAN

RHSA-2008:0582

vendor-advisory

x_refsource_REDHAT

USN-628-1

vendor-advisory

x_refsource_UBUNTU

RHSA-2008:0545

vendor-advisory

x_refsource_REDHAT

27864

third-party-advisory

x_refsource_SECUNIA

1018934

vdb-entry

x_refsource_SECTRACK

31124

third-party-advisory

x_refsource_SECUNIA

31119

third-party-advisory

x_refsource_SECUNIA

30040

third-party-advisory

x_refsource_SECUNIA

http://www.php.net/releases/5_2_5.php

x_refsource_CONFIRM

27659

third-party-advisory

x_refsource_SECUNIA

31200

third-party-advisory

x_refsource_SECUNIA

USN-549-1

vendor-advisory

x_refsource_UBUNTU

oval:org.mitre.oval:def:10080

vdb-entry

signature

x_refsource_OVAL

SSRT080056

vendor-advisory

x_refsource_HP

RHSA-2008:0544

vendor-advisory

x_refsource_REDHAT

27648

third-party-advisory

x_refsource_SECUNIA

28249

third-party-advisory

x_refsource_SECUNIA

MDVSA-2008:125

vendor-advisory

x_refsource_MANDRIVA

HPSBUX02332

vendor-advisory

x_refsource_HP

http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242

x_refsource_CONFIRM

RHSA-2008:0505

vendor-advisory

x_refsource_REDHAT

USN-549-2

vendor-advisory

x_refsource_UBUNTU

MDVSA-2008:126

vendor-advisory

x_refsource_MANDRIVA

MDVSA-2008:127

vendor-advisory

x_refsource_MANDRIVA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-5898

Description

Affected Products

References