CVE-2007-1900 : CRLF injection vulnerability in the FILTER_VALIDATE

CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression to ignore the subsequent part of the address string.

Published 2007-04-10 18:19:00

Updated 2017-10-11 01:32:02

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2007-1900

PHP » PHP » Version: 5.2.0
cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*
Matching versions
PHP » PHP » Version: 5.2.1
cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2007-1900

Top countries where our scanners detected CVE-2007-1900

Top open port discovered on systems with this issue 80

IPs affected by CVE-2007-1900 2,823

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2007-1900!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2007-1900

EPSS FAQ

0.78%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 72 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2007-1900

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

Vendor statements for CVE-2007-1900

Red Hat 2007-04-16

Not vulnerable. The filter extension was not shipped in the versions of PHP supplied for Red Hat Enterprise Linux 2.1, 3, 4, 5, Stronghold 4.0, or Red Hat Application Stack 1.

References for CVE-2007-1900

http://security.gentoo.org/glsa/glsa-200705-19.xml

PHP: Multiple vulnerabilities (GLSA 200705-19) — Gentoo security

CVEs referencing this url
http://www.novell.com/linux/security/advisories/2007_32_php.html

404 Page Not Found | SUSE

CVEs referencing this url
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863

The Slackware Linux Project: Slackware Security Advisories

CVEs referencing this url
http://www.vupen.com/english/advisories/2007/2016

Site en construction

CVEs referencing this url
http://www.trustix.org/errata/2007/0023/

Trustix | Empowering Trust and Security in the Digital Age

CVEs referencing this url
http://www.securityfocus.com/bid/23359
https://exchange.xforce.ibmcloud.com/vulnerabilities/33510
http://www.php.net/releases/5_2_3.php

PHP: PHP 5.2.3 Release Announcement

CVEs referencing this url
http://www.ubuntu.com/usn/usn-455-1

USN-455-1: PHP vulnerabilities | Ubuntu security notices | Ubuntu

CVEs referencing this url
http://www.vupen.com/english/advisories/2007/3386

Webmail: access your OVH emails on ovhcloud.com | OVHcloud

CVEs referencing this url
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

CVEs referencing this url
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml

PHP: Multiple vulnerabilities (GLSA 200710-02) — Gentoo security

CVEs referencing this url
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6067
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html

[SECURITY] Fedora 7 Update: php-5.2.4-1.fc7

CVEs referencing this url
http://www.php-security.org/MOPB/PMOPB-45-2007.html

Vendor Advisory
http://www.debian.org/security/2007/dsa-1283

CVEs referencing this url