Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2007-1900

Published: 10/04/2007 Updated: 11/10/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Php

Vulnerability Summary

CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent malicious users to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression to ignore the subsequent part of the address string.

Vulnerable Product Search on Vulmon Subscribe to Product

php php 5.2.1

php php 5.2.0

Vendor Advisories

Ubuntu Security Notice: php5 vulnerabilities
Stefan Esser discovered multiple vulnerabilities in the “Month of PHP bugs” ...
Debian Security Advisories: DSA-1283-1 php5 -- several vulnerabilities
Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1286 Stefan Esser discovered an overflow in the object reference handling code of the un ...

References

NVD-CWE-Otherhttp://www.php-security.org/MOPB/PMOPB-45-2007.htmlhttp://www.securityfocus.com/bid/23359http://secunia.com/advisories/24824http://www.debian.org/security/2007/dsa-1283http://www.ubuntu.com/usn/usn-455-1http://secunia.com/advisories/25062http://secunia.com/advisories/25057http://www.osvdb.org/33962http://www.php.net/releases/5_2_3.phphttps://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.htmlhttp://security.gentoo.org/glsa/glsa-200705-19.xmlhttp://www.gentoo.org/security/en/glsa/glsa-200710-02.xmlhttp://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863http://www.novell.com/linux/security/advisories/2007_32_php.htmlhttp://www.trustix.org/errata/2007/0023/http://secunia.com/advisories/25056http://secunia.com/advisories/25445http://secunia.com/advisories/25535http://secunia.com/advisories/26231http://secunia.com/advisories/27037http://secunia.com/advisories/27110http://secunia.com/advisories/27102http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795http://www.vupen.com/english/advisories/2007/3386http://www.vupen.com/english/advisories/2007/2016https://exchange.xforce.ibmcloud.com/vulnerabilities/33510https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6067https://usn.ubuntu.com/455-1/https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook