CVE-2007-3806
N/A
N/A
Summary
The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter, probably related to memory corruption or an invalid read on win32 platforms, and possibly related to lack of initialization for a glob structure.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://secunia.com/advisories/30288
- http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.166&r2=1.167
- http://osvdb.org/36085
- http://www.vupen.com/english/advisories/2007/2547
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35437
- http://www.exploit-db.com/exploits/4181
- http://www.debian.org/security/2008/dsa-1572
- http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
- http://www.php.net/ChangeLog-5.php#5.2.4
- http://secunia.com/advisories/30158
- http://secunia.com/advisories/26085
- http://www.debian.org/security/2008/dsa-1578
- http://secunia.com/advisories/27102
- http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?view=log
- http://www.php.net/releases/5_2_4.php
- http://www.securityfocus.com/bid/24922
- http://www.securityfocus.com/bid/25498
- http://secunia.com/advisories/26642
References
- http://secunia.com/advisories/30288
- http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.166&r2=1.167
- http://osvdb.org/36085
- http://www.vupen.com/english/advisories/2007/2547
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35437
- http://www.exploit-db.com/exploits/4181
- http://www.debian.org/security/2008/dsa-1572
- http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
- http://www.php.net/ChangeLog-5.php#5.2.4
- http://secunia.com/advisories/30158
- http://secunia.com/advisories/26085
- http://www.debian.org/security/2008/dsa-1578
- http://secunia.com/advisories/27102
- http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?view=log
- http://www.php.net/releases/5_2_4.php
- http://www.securityfocus.com/bid/24922
- http://www.securityfocus.com/bid/25498
- http://secunia.com/advisories/26642
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.