Vulnerability Details : CVE-2007-0988
The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an "a:2147483649:{" argument.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2007-0988
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*
- cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
Threat overview for CVE-2007-0988
Top countries where our scanners detected CVE-2007-0988
Top open port discovered on systems with this issue
80
IPs affected by CVE-2007-0988 21,158
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2007-0988!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2007-0988
0.85%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-0988
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST |
CWE ids for CVE-2007-0988
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-0988
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11092
Third Party Advisory
-
http://www.vupen.com/english/advisories/2007/1991
Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2007-0081.html
Third Party Advisory
-
http://www.ubuntu.com/usn/usn-424-2
Third Party Advisory
-
http://www.novell.com/linux/security/advisories/2007_32_php.html
404 Page Not Found | SUSEBroken Link
-
http://www.ubuntu.com/usn/usn-424-1
Third Party Advisory
-
http://www.securityfocus.com/archive/1/461462/100/0/threaded
Third Party Advisory;VDB Entry
-
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html
Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2007-0082.html
SupportThird Party Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/32709
Third Party Advisory;VDB Entry
-
http://security.gentoo.org/glsa/glsa-200703-21.xml
Third Party Advisory
-
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228858
Issue Tracking;Third Party Advisory
-
http://www.trustix.org/errata/2007/0009/
Trustix | Empowering Trust and Security in the Digital AgeBroken Link
-
https://issues.rpath.com/browse/RPL-1088
Broken Link
-
http://www.us.debian.org/security/2007/dsa-1264
Broken Link
-
http://www.redhat.com/support/errata/RHSA-2007-0076.html
Third Party Advisory
-
http://www.php-security.org/MOPB/MOPB-05-2007.html
Third Party Advisory
-
http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm
Third Party Advisory
-
http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm
Third Party Advisory
-
http://www.vupen.com/english/advisories/2007/2374
Third Party Advisory
-
http://securityreason.com/securityalert/2315
Third Party Advisory
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137
Broken Link
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506
Broken Link
-
http://www.php.net/releases/5_2_1.php
Patch;Third Party Advisory
-
http://www.mandriva.com/security/advisories?name=MDKSA-2007:048
Third Party Advisory
-
http://www.securitytracker.com/id?1017671
Third Party Advisory;VDB Entry
-
http://www.redhat.com/support/errata/RHSA-2007-0088.html
Third Party Advisory
-
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
Broken Link
-
http://rhn.redhat.com/errata/RHSA-2007-0089.html
Third Party Advisory
Jump to