Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

0

CVE-2007-0908

Disclosure Date: February 13, 2007 •

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name before a numerical variable.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

canonical,
php

Products

php,
php 4.0,
ubuntu linux 5.10,
ubuntu linux 6.06,
ubuntu linux 6.10

References

Canonical

CVE-2007-0908 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908)

BID-22496 (http://www.securityfocus.com/bid/22496)

BID-22806 (http://www.securityfocus.com/bid/22806)

Advisory

DSA-1264 (http://www.us.debian.org/security/2007/dsa-1264)

SECUNIA-24295 (http://secunia.com/advisories/24295)

SECUNIA-24195 (http://secunia.com/advisories/24195)

SECTRACK-1017671 (http://www.securitytracker.com/id?1017671)

SECUNIA-24606 (http://secunia.com/advisories/24606)

SECUNIA-24642 (http://secunia.com/advisories/24642)

SECUNIA-24217 (http://secunia.com/advisories/24217)

OSVDB-32766 (http://osvdb.org/32766)

http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm

SECUNIA-24248 (http://secunia.com/advisories/24248)

XF-php-wddx-information-disclosure(32493) (https://exchange.xforce.ibmcloud.com/vulnerabilities/32493)

SECUNIA-24514 (http://secunia.com/advisories/24514)

https://issues.rpath.com/browse/RPL-1088

SECUNIA-24284 (http://secunia.com/advisories/24284)

USN-424-2 (http://www.ubuntu.com/usn/usn-424-2)

http://www.php.net/releases/5_2_1.php

GLSA-200703-21 (http://security.gentoo.org/glsa/glsa-200703-21.xml)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11185

SECUNIA-24432 (http://secunia.com/advisories/24432)

SECUNIA-24421 (http://secunia.com/advisories/24421)

SECUNIA-24089 (http://secunia.com/advisories/24089)

http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html

SREASON-2321 (http://securityreason.com/securityalert/2321)

http://www.redhat.com/support/errata/RHSA-2007-0076.html

SECUNIA-24419 (http://secunia.com/advisories/24419)

http://rhn.redhat.com/errata/RHSA-2007-0089.html

http://www.redhat.com/support/errata/RHSA-2007-0088.html

20070227 rPSA-2007-0043-1 php php-mysql php-pgsql (http://www.securityfocus.com/archive/1/461462/100/0/threaded)

http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm

http://www.redhat.com/support/errata/RHSA-2007-0082.html

http://www.php.net/ChangeLog-5.php#5.2.1

http://www.mandriva.com/security/advisories?name=MDKSA-2007:048

USN-424-1 (http://www.ubuntu.com/usn/usn-424-1)

http://www.redhat.com/support/errata/RHSA-2007-0081.html

SECUNIA-24322 (http://secunia.com/advisories/24322)

SECUNIA-24236 (http://secunia.com/advisories/24236)

ADV-2007-0546 (http://www.vupen.com/english/advisories/2007/0546)

Miscellaneous

2007-0009 (http://www.trustix.org/errata/2007/0009)

OpenPKG-SA-2007.010 (http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html)

http://www.php-security.org/MOPB/MOPB-11-2007.html

Rapid7

Technical Analysis