Published: 02/04/2007 Updated: 30/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Buffer overflow in the imap_mail_compose function in PHP 5 prior to 5.2.1, and PHP 4 prior to 4.4.5, allows remote malicious users to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed by CVE-2007-0906.3.

Vulnerable Product	Search on Vulmon	Subscribe to Product
php php 4.0.0
php php 4.0.1
php php 4.0.2
php php 4.0.7
php php 4.2.2
php php 4.2.3
php php 4.3.3
php php 4.3.4
php php 4.4.1
php php 4.4.2
php php 5.0.5
php php 5.0
php php 5.1.3
php php 5.1.4
php php 4.0.5
php php 4.0.6
php php 4.2.0
php php 4.2.1
php php 4.3.11
php php 4.3.2
php php 4.3.9
php php 4.4.0
php php 5.0.3
php php 5.0.4
php php 5.1.1
php php 5.1.2
php php 4.0.4
php php 4.1.0
php php 4.1.1
php php 4.1.2
php php 4.3.1
php php 4.3.10
php php 4.3.7
php php 4.3.8
php php 5.0.0
php php 5.0.1
php php 5.0.2
php php 5.1.0
php php 4.0.3
php php 4.2
php php 4.3.0
php php 4.3.5
php php 4.3.6
php php 4.4.3
php php 4.4.4
php php 5.1.5
php php 5.1.6

source: wwwsecurityfocuscom/bid/23234/info PHP is prone to a buffer-overflow vulnerability because the application fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers An attacker can exploit this issue to execute arbitrary machine code in the context of the affected webserver Failed ...

NVD-CWE-Other http://www.php-security.org/MOPB/MOPB-40-2007.html http://www.securityfocus.com/bid/23234 https://exchange.xforce.ibmcloud.com/vulnerabilities/33534 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10377 https://nvd.nist.gov https://www.exploit-db.com/exploits/29807/

CVE-2007-1825

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect