7.5

CVE-2007-4662

Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2.4 has unknown impact and attack vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpPhp Version <= 5.2.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.38% 0.872
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://secunia.com/advisories/26642
Patch
Vendor Advisory
http://secunia.com/advisories/27864
http://www.php.net/ChangeLog-5.php#5.2.4
http://www.php.net/releases/5_2_4.php
Patch
http://www.ubuntu.com/usn/usn-549-2
https://launchpad.net/bugs/173043
https://usn.ubuntu.com/549-1/
http://secunia.com/advisories/27102
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
http://secunia.com/advisories/27377
https://issues.rpath.com/browse/RPL-1693
http://secunia.com/advisories/26838
https://issues.rpath.com/browse/RPL-1702
http://secunia.com/advisories/26822
http://www.trustix.org/errata/2007/0026/
http://www.vupen.com/english/advisories/2007/3023
http://secunia.com/advisories/28249
http://www.debian.org/security/2008/dsa-1444
https://exchange.xforce.ibmcloud.com/vulnerabilities/36390