Vulnerability Description
The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a local session ID.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PHP | PHP | <= 5.2.4 |
References
- http://bugs.php.net/bug.php?id=42869
- http://osvdb.org/38918
- http://secunia.com/advisories/27659
- http://secunia.com/advisories/27864
- http://secunia.com/advisories/28249
- http://secunia.com/advisories/30040
- http://secunia.com/advisories/30828
- http://secunia.com/advisories/31119
- http://secunia.com/advisories/31124
- http://secunia.com/advisories/31200
- http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242
- http://www.debian.org/security/2008/dsa-1444
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:125
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:126
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:127
FAQ
What is CVE-2007-5899?
CVE-2007-5899 is a vulnerability with a CVSS score of 4.3 (MEDIUM).
How severe is CVE-2007-5899?
CVE-2007-5899 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2007-5899?
Check the references section above for vendor advisories and patch information. Affected products include: PHP.