CVE-2007-0909

12 documents6 sources
Severity
7.5HIGH
EPSS
3.5%
top 12.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
PHP PHPTrustix Secure Linux
Timeline
PublishedFeb 13
Latest updateMay 3

Description

Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDphp/php67 versions+66
NVDtrustix/secure_linux2.2, 3.0+1

🔴Vulnerability Details

2
GHSA
GHSA-57q9-cw6p-2qrg: Multiple format string vulnerabilities in PHP before 52022-05-03
CVEList
CVE-2007-0909: Multiple format string vulnerabilities in PHP before 52007-02-13

📋Vendor Advisories

2
Ubuntu
PHP vulnerabilities2007-02-22
Red Hat
security flaw2007-02-14

💬Community

7
Bugzilla
CVE-2007-0909 security flaw2018-08-16
Bugzilla
CVE-2007-0906 PHP security issues (CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988)2007-02-23
Bugzilla
CVE-2007-0537 konqueror XSS2007-02-22
Bugzilla
CVE-2007-0906 PHP security issues (CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988)2007-02-20
Bugzilla
CVE-2007-0906 PHP security issues (CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988)2007-02-20
CVE-2007-0909 (HIGH CVSS 7.5) | Multiple format string vulnerabilit | cvebase.io