CVE-2007-0314
published 2007-01-18CVE-2007-0314: Multiple PHP remote file inclusion vulnerabilities in Article System 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_DIR…
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.34%
81.5th percentile
Multiple PHP remote file inclusion vulnerabilities in Article System 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_DIR parameter to (1) forms.php, (2) issue_edit.php, (3) client.php, and (4) classes.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| article_system | article_system | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-946x-7rf8-7gwg: Multiple PHP remote file inclusion vulnerabilities in Article System 1
ghsa_unreviewed·2022-05-01
CVE-2007-0314 [HIGH] GHSA-946x-7rf8-7gwg: Multiple PHP remote file inclusion vulnerabilities in Article System 1
Multiple PHP remote file inclusion vulnerabilities in Article System 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_DIR parameter to (1) forms.php, (2) issue_edit.php, (3) client.php, and (4) classes.php.
Red Hat
kernel: ipv6_hop_jumbo remote system crash
vendor_redhat·2007-09-07·CVSS 7.8
CVE-2007-4567 [HIGH] CWE-228 kernel: ipv6_hop_jumbo remote system crash
kernel: ipv6_hop_jumbo remote system crash
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted IPv6 packet.
Statement: This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3, 4 and Red Hat Enterprise MRG. Shipped kernels do not include upstream commit a11d206d that introduced the problem.
This upstream commit was backported in Red Hat Enterprise Linux 5 via RHBA-2008:0314. It was reported and addressed in Red Hat Enterprise Linux 5 via RHSA-2010:0019.
No detection rules found.
Bugzilla
CVE-2007-4567 kernel: ipv6_hop_jumbo remote system crash
bugzilla·2009-12-18·CVSS 7.8
CVE-2007-4567 [HIGH] CVE-2007-4567 kernel: ipv6_hop_jumbo remote system crash
CVE-2007-4567 kernel: ipv6_hop_jumbo remote system crash
Originally discovered by Victor Julien that there is a way to crash the Linux kernel by sending a single IPv6 packet at it.
1) The CVE-2007-4567 issue was reported to Red Hat in September 2007. Red Hat Enterprise Linux 5 was found not to be affected.
2) On December 18, 2009, a customer reported to us that Red Hat Enterprise Linux 5 was vulnerable to CVE-2007-4567.
3) Investigations showed that the issue was introduced in the RHBA-2008-0314 update on May 21, 2008 via a backport of a collection of patches for DoD IPv6 conformance.
4) Updates released on January 7, 2010 for Red Hat Enterprise Linux 5, resolving CVE-2007-4567.
Note that the Linux kernels as shipped with Red Hat Enterprise Linux 3, 4, and Red Hat Enterprise MRG are
Bugzilla
CVE-2007-5938 NULL dereference in iwl driver
bugzilla·2007-11-15·CVSS 5.0
CVE-2007-5938 [MEDIUM] CVE-2007-5938 NULL dereference in iwl driver
CVE-2007-5938 NULL dereference in iwl driver
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-5938 to the following vulnerability:
There is a NULL dereference vulnerability in function iwl_set_rate() in compatible/iwl3945-base.c. See References for original advisory:
References:
http://bugs.gentoo.org/show_bug.cgi?id=199209
Discussion:
Reporter changed to [email protected] by request of Jay Turner.
---
This issue does not affect Red Hat Enterprise Linux 3 or 4 due to not including the iwlwifi driver. It did affect Red Hat Enterprise Linux 5 and was addressed via:
https://rhn.redhat.com/errata/RHSA-2008-0154.html
and
https://rhn.redhat.com/errata/RHBA-2008-0314.html
Bugzilla
CVE-2007-5906 kernel-xen 3.1.1 virtual guest system denial of service (hypervisor crash) possibility
bugzilla·2007-11-12·CVSS 4.7
CVE-2007-5906 [MEDIUM] CVE-2007-5906 kernel-xen 3.1.1 virtual guest system denial of service (hypervisor crash) possibility
CVE-2007-5906 kernel-xen 3.1.1 virtual guest system denial of service (hypervisor crash) possibility
Description of problem:
Xen 3.1.1 allows virtual guest system users to cause a denial of
service (hypervisor crash) by using a debug register (DR7) to set
certain breakpoints. (CVE-2007-5906).
Discussion:
Will this bugzilla get the details needed to fix the bug, once those details
become available?
---
The official post is here -- there is also patch provided:
http://lists.xensource.com/archives/html/xen-devel/2007-10/msg01048.html
---
Note that the rebase of the Xen hypervisor to 3.1.2 in the 5.2 kernel
(RHBA-2008:0314) caused this issue to be fixed for Enterprise Linux 5. I'll
therefore update that advisory so that it references this CVE name.
---
This was fixed long ago in all
2007-01-18
Published