CVE-2007-1825
published 2007-04-02CVE-2007-1825: Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long…
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
10.38%
95.2th percentile
Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed by CVE-2007-0906.3.
Affected
70 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
| php | php | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·2007-02-14·CVSS 7.5
CVE-2007-0906 [HIGH] security flaw
security flaw
Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825).
Red Hat
php imap_mail_compose() buffer overflow via type.parameters
vendor_redhat·2007-02-14·CVSS 7.5
CVE-2007-1825 [HIGH] php imap_mail_compose() buffer overflow via type.parameters
php imap_mail_compose() buffer overflow via type.parameters
Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed by CVE-2007-0906.3.
Statement: This CVE name is a duplicate as the vulnerability is addressed by CVE-2007-0906.
GHSA
GHSA-f8vv-w522-3v4v: Multiple buffer overflows in PHP before 5
ghsa_unreviewed·2022-05-03·CVSS 7.5
CVE-2007-0906 [HIGH] CWE-119 GHSA-f8vv-w522-3v4v: Multiple buffer overflows in PHP before 5
Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825).
GHSA
GHSA-mpvc-cmfr-5chg: Buffer overflow in the imap_mail_compose function in PHP 5 before 5
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2007-1825 [HIGH] GHSA-mpvc-cmfr-5chg: Buffer overflow in the imap_mail_compose function in PHP 5 before 5
Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed by CVE-2007-0906.3.
No detection rules found.
Bugzilla
CVE-2007-0906 security flaw
bugzilla·2018-08-16·CVSS 7.5
CVE-2007-0906 [HIGH] CVE-2007-0906 security flaw
CVE-2007-0906 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825).
Bugzilla
CVE-2007-1285 "Month of PHP Bugs" security issues (CVE-2007-1286 CVE-2007-1583 CVE-2007-1711 CVE-2007-1718)
bugzilla·2007-03-01·CVSS 2.1
CVE-2007-1285 [LOW] CVE-2007-1285 "Month of PHP Bugs" security issues (CVE-2007-1286 CVE-2007-1583 CVE-2007-1711 CVE-2007-1718)
CVE-2007-1285 "Month of PHP Bugs" security issues (CVE-2007-1286 CVE-2007-1583 CVE-2007-1711 CVE-2007-1718)
Description of problem:
This bug will be used to provide tracking information for the issues reported
during the "Month of PHP Bugs" initiative, http://www.php-security.org/
Discussion:
Introduction: The PHP interpreter does not offer a reliable
"sandboxed" security layer (as found in, say, a JVM) in which
untrusted scripts can be run; any script run by the PHP interpreter
must be trusted with the privileges of the interpreter itself. In
analysis of these issues, bugs which rely on an "untrusted local
attacker" will therefore not be classified as being
security-sensitive, since no trust boundary is crossed.
---
MOPB-01-2007 describes an issue in the PHP interpreter regarding the
http://www.php-security.org/MOPB/MOPB-40-2007.htmlhttp://www.securityfocus.com/bid/23234https://exchange.xforce.ibmcloud.com/vulnerabilities/33534https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10377http://www.php-security.org/MOPB/MOPB-40-2007.htmlhttp://www.securityfocus.com/bid/23234https://exchange.xforce.ibmcloud.com/vulnerabilities/33534https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10377
2007-04-02
Published