VDB
CVE-2007-4657
CVE-2007-4657
PUBLISHED
CVSS 7.5 HIGH
Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an out-of-bounds read. NOTE: this affects different product versions than CVE-2007-3996.
EPSS 3.14% · 87.1th percentile
Risk Scores
CVSS v2.0
7.5
EPSS Score
3.14%
87.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| canonical | ubuntu_linux | 6.06, 6.10, 7.04 |
| debian | debian_linux | 3.1, 4.0 |
| php | php | 4.0.0, 5.0.0 |
Timeline
- Sep 4, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 17, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 24, 2023 EPSS Score
- Jul 15, 2023 EPSS Score
- Sep 6, 2023 EPSS Score
References
- 30288 third-party-advisory
- php-strcspn-overflow(36388) vdb
- 26822 third-party-advisory
- https://launchpad.net/bugs/173043 url
- ADV-2008-0059 vdb
- DSA-1444 vendor-advisory
- GLSA-200710-02 vendor-advisory
- 27864 third-party-advisory
- http://www.php.net/releases/4_4_8.php url
- SSA:2008-045-03 vendor-advisory
- http://www.php.net/ChangeLog-5.php#5.2.4 url
- 28936 third-party-advisory
- 2007-0026 vendor-advisory
- USN-549-1 vendor-advisory
- https://issues.rpath.com/browse/RPL-1693 url
- http://secweb.se/en/advisories/php-strcspn-information-leak-vulnerability/ url
- 28249 third-party-advisory
- DSA-1578 vendor-advisory
- https://issues.rpath.com/browse/RPL-1702 url
- 26838 third-party-advisory
…and 13 more