CVE-2007-1864 — Improper Restriction of Operations within the Bounds of a Memory Buffer in PHP

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer10 documents5 sources

Severity

7.5HIGHNVD

EPSS

7.8%

top 8.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

PHP Canonical Ubuntu Linux Debian Linux +2 more

Timeline

PublishedMay 9

Latest updateMay 1

Description

Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶NVDphp/php5.2.0 — 5.2.2+2

▶NVDredhat/enterprise_linux_server5.0

▶NVDredhat/enterprise_linux_workstation5.0

Also affects: Debian Linux 3.1, 4.0, Ubuntu Linux 6.06, 6.10, 7.04

Patches

Patch: us2.php.net ↗Patch: us2.php.net ↗Patch: us2.php.net ↗

🔴Vulnerability Details

GHSA

GHSA-c645-h8hj-wvjj: Buffer overflow in the bundled libxmlrpc library in PHP before 4↗2022-05-01

▶

📋Vendor Advisories

Ubuntu

PHP vulnerabilities↗2007-07-17

▶

Red Hat

php libxmlrpc library overflow↗2007-05-03

▶

💬Community

Bugzilla

CVE-2007-1864 php libxmlrpc library overflow↗2007-05-04

▶

Bugzilla

CVE-2007-1864 various PHP security issues (CVE-2007-2509 CVE-2007-2510)↗2007-05-04

▶

Bugzilla

CVE-2007-1864 various PHP security issues (CVE-2007-2509)↗2007-05-04

▶

Bugzilla

CVE-2007-1864: various PHP security issues (CVE-2007-2509 CVE-2007-2510)↗2007-05-04

▶

Bugzilla

CVE-2007-1864 various PHP security issues (CVE-2007-2509 CVE-2007-2510)↗2007-05-04

▶