PHP 5.2.0 And Prior Versions Multiple Vulnerabilities Network Vulnerability

Summary

PHP 5.2.0 and prior versions are prone to multiple security vulnerabilities. Successful exploits could allow an attacker to write files in unauthorized locations, cause a denial-of-service condition, and potentially execute code. These issues are reported to affect PHP 4.4.4 and prior versions in the 4 branch, and 5.2.0 and prior versions in the 5 branch other versions may also be vulnerable.

Solution

The vendor has released updates to address these issues. Contact the vendor for details on obtaining and applying the appropriate updates. Please see the advisories for more information.

References

http://rhn.redhat.com/errata/RHSA-2007-0076.html
http://rhn.redhat.com/errata/RHSA-2007-0081.html#Red%20Hat%20Linux%20Advanced%20Workstation%202.1%20for%20the%20Itanium%20Processor
http://rhn.redhat.com/errata/RHSA-2007-0082.html
http://rhn.redhat.com/errata/RHSA-2007-0089.html
http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm
http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm
http://www.novell.com/linux/security/advisories/2007_44_php.html
http://www.php.net/ChangeLog-5.php#5.2.1
http://www.php.net/releases/5_2_1.php
http://www.securityfocus.com/bid/22496

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-0905, CVE-2007-0906, CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

AstroSPACES profile.php SQL Injection Vulnerability
Adobe ColdFusion Multiple Vulnerabilities-01 May-2014
AWStats configdir parameter arbitrary cmd exec
aflog Cookie-Based Authentication Bypass Vulnerability
AdMentor Login Flaw

PHP 5.2.0 and Prior Versions Multiple Vulnerabilities

Take action and discover your vulnerabilities