CVE-2007-1475
published 2007-03-16CVE-2007-1475: Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4.4.6 and earlier allow context-dependent…
PriorityP431medium5.4CVSS 2.0
AVAACMAuNCPIPAP
EXPLOIT
EPSS
2.37%
81.7th percentile
Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4.4.6 and earlier allow context-dependent attackers to execute arbitrary code via a long argument.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| php | php | <= 4.4.6 | — |
CVSS provenance
nvdv2.05.4MEDIUMAV:A/AC:M/Au:N/C:P/I:P/A:P
vendor_redhat5.4MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
CVE-2007-1475: Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4
vendor_redhat·CVSS 5.4
CVE-2007-1475 [MEDIUM] CVE-2007-1475: Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4
Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4.4.6 and earlier allow context-dependent attackers to execute arbitrary code via a long argument.
Statement: Not vulnerable. PHP as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5 does not include ibase support.
GHSA
GHSA-88vq-863j-fxfh: Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4
ghsa_unreviewed·2022-05-01
CVE-2007-1475 [MEDIUM] GHSA-88vq-863j-fxfh: Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4
Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4.4.6 and earlier allow context-dependent attackers to execute arbitrary code via a long argument.
No detection rules found.
No writeups or analysis indexed.
http://retrogod.altervista.org/php_446_ibase_connect_bof.htmlhttp://secunia.com/advisories/24529http://securityreason.com/securityalert/2439http://www.securityfocus.com/archive/1/462931/100/0/threadedhttp://www.securityfocus.com/bid/22976https://exchange.xforce.ibmcloud.com/vulnerabilities/33019https://www.exploit-db.com/exploits/3488http://retrogod.altervista.org/php_446_ibase_connect_bof.htmlhttp://secunia.com/advisories/24529http://securityreason.com/securityalert/2439http://www.securityfocus.com/archive/1/462931/100/0/threadedhttp://www.securityfocus.com/bid/22976https://exchange.xforce.ibmcloud.com/vulnerabilities/33019https://www.exploit-db.com/exploits/3488
2007-03-16
Published