1. Home
  2. CVE Database
  3. CVE-2007-5898
MEDIUM · 6.4

CVE-2007-5898

The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.

Vulnerability Description

The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.

CVSS Score

6.4

MEDIUM

AV:N/AC:L/Au:N/C:P/I:P/A:N
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
PhpPhp<= 5.2.4

References

FAQ

What is CVE-2007-5898?

CVE-2007-5898 is a vulnerability with a CVSS score of 6.4 (MEDIUM). The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.

How severe is CVE-2007-5898?

CVE-2007-5898 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-5898?

Check the references section above for vendor advisories and patch information. Affected products include: Php Php.