Vulnerability Description
Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed by CVE-2007-0906.3.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Php | Php | 4.0.0 |
References
- http://www.php-security.org/MOPB/MOPB-40-2007.htmlExploit
- http://www.securityfocus.com/bid/23234Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33534
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://www.php-security.org/MOPB/MOPB-40-2007.htmlExploit
- http://www.securityfocus.com/bid/23234Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33534
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2007-1825?
CVE-2007-1825 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field...
How severe is CVE-2007-1825?
CVE-2007-1825 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1825?
Check the references section above for vendor advisories and patch information. Affected products include: Php Php.