CVE-2007-4657 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2007-4657?

CVE-2007-4657 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2007-4657?

Check the references section above for vendor advisories and patch information. Affected products include: Php Php, Debian Debian Linux, Canonical Ubuntu Linux.

Vulnerability Description

Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an out-of-bounds read. NOTE: this affects different product versions than CVE-2007-3996.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Php	Php	>= 4.0.0, < 4.4.8
Debian	Debian Linux	3.1
Canonical	Ubuntu Linux	6.06

Related Weaknesses (CWE)

CWE-119 CWE-189

References

http://secunia.com/advisories/26642Third Party Advisory
http://secunia.com/advisories/26822Third Party Advisory
http://secunia.com/advisories/26838Third Party Advisory
http://secunia.com/advisories/27102Third Party Advisory
http://secunia.com/advisories/27377Third Party Advisory
http://secunia.com/advisories/27864Third Party Advisory
http://secunia.com/advisories/28249Third Party Advisory
http://secunia.com/advisories/28318Third Party Advisory
http://secunia.com/advisories/28936Third Party Advisory
http://secunia.com/advisories/30288Third Party Advisory
http://secweb.se/en/advisories/php-strcspn-information-leak-vulnerability/Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackwareMailing ListThird Party Advisory
http://www.debian.org/security/2008/dsa-1444Third Party Advisory
http://www.debian.org/security/2008/dsa-1578Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xmlThird Party Advisory

FAQ

What is CVE-2007-4657?

CVE-2007-4657 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a lar...

How severe is CVE-2007-4657?

CVE-2007-4657 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-4657?

Check the references section above for vendor advisories and patch information. Affected products include: Php Php, Debian Debian Linux, Canonical Ubuntu Linux.