Vulnerability Description
Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825).
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Php | Php | 3.0 |
| Trustix | Secure Linux | 2.2 |
Related Weaknesses (CWE)
References
- ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
- http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
- http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html
- http://osvdb.org/34706
- http://osvdb.org/34707
- http://osvdb.org/34708
- http://osvdb.org/34709
- http://osvdb.org/34710
- http://osvdb.org/34711
- http://osvdb.org/34712
- http://osvdb.org/34713
- http://osvdb.org/34714
- http://osvdb.org/34715
- http://rhn.redhat.com/errata/RHSA-2007-0089.htmlVendor Advisory
- http://secunia.com/advisories/24089Vendor Advisory
FAQ
What is CVE-2007-0906?
CVE-2007-0906 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sq...
How severe is CVE-2007-0906?
CVE-2007-0906 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0906?
Check the references section above for vendor advisories and patch information. Affected products include: Php Php, Trustix Secure Linux.