Attacker Value
Unknown
CVE-2007-1583
Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote attackers to invoke available PHP scripts with register_globals functionality that is not detectable by these scripts, as demonstrated by forcing a memory_limit violation.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown
General Information
Vendors
Products
- php 4.0,
- php 4.0.0,
- php 4.0.1,
- php 4.0.2,
- php 4.0.3,
- php 4.0.4,
- php 4.0.5,
- php 4.0.6,
- php 4.0.7,
- php 4.1.0,
- php 4.1.1,
- php 4.1.2,
- php 4.2,
- php 4.2.0,
- php 4.2.1,
- php 4.2.2,
- php 4.2.3,
- php 4.3.0,
- php 4.3.1,
- php 4.3.10,
- php 4.3.11,
- php 4.3.2,
- php 4.3.3,
- php 4.3.4,
- php 4.3.5,
- php 4.3.6,
- php 4.3.7,
- php 4.3.8,
- php 4.3.9,
- php 4.4.0,
- php 4.4.1,
- php 4.4.2,
- php 4.4.3,
- php 4.4.4,
- php 4.4.5,
- php 4.4.6,
- php 5.0,
- php 5.0.0,
- php 5.0.1,
- php 5.0.2,
- php 5.0.3,
- php 5.0.4,
- php 5.0.5,
- php 5.1.0,
- php 5.1.1,
- php 5.1.2,
- php 5.1.3,
- php 5.1.4,
- php 5.1.5,
- php 5.1.6,
- php 5.2.0,
- php 5.2.1
References
Advisory
Miscellaneous
