CVE-2007-1453 - OpenCVE

Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null byte in whitespace that precedes the buffer.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Php	Php

Configuration 1 [-]

cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*

References

Link	Resource
http://secunia.com/advisories/25056
http://secunia.com/advisories/25062
http://www.debian.org/security/2007/dsa-1283
http://www.novell.com/linux/security/advisories/2007_32_php.html
http://www.php-security.org/MOPB/MOPB-19-2007.html
http://www.php.net/releases/5_2_1.php
http://www.securityfocus.com/bid/22922	Exploit

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2007-03-14T18:00:00

Updated: 2007-05-02T09:00:00

Reserved: 2007-03-14T00:00:00

Link: CVE-2007-1453

JSON object: View

NVD Information

Status : Analyzed

Published: 2007-03-14T18:19:00.000

Modified: 2008-09-05T21:20:32.187

Link: CVE-2007-1453

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-03-12T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null byte in whitespace that precedes the buffer."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2007-05-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "25056", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25056"}, {"name": "DSA-1283", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1283"}, {"tags": ["x_refsource_MISC"], "url": "http://www.php.net/releases/5_2_1.php"}, {"name": "22922", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22922"}, {"tags": ["x_refsource_MISC"], "url": "http://www.php-security.org/MOPB/MOPB-19-2007.html"}, {"name": "25062", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25062"}, {"name": "SUSE-SA:2007:032", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1453", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null byte in whitespace that precedes the buffer."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "25056", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25056"}, {"name": "DSA-1283", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1283"}, {"name": "http://www.php.net/releases/5_2_1.php", "refsource": "MISC", "url": "http://www.php.net/releases/5_2_1.php"}, {"name": "22922", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22922"}, {"name": "http://www.php-security.org/MOPB/MOPB-19-2007.html", "refsource": "MISC", "url": "http://www.php-security.org/MOPB/MOPB-19-2007.html"}, {"name": "25062", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25062"}, {"name": "SUSE-SA:2007:032", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1453", "datePublished": "2007-03-14T18:00:00", "dateReserved": "2007-03-14T00:00:00", "dateUpdated": "2007-05-02T09:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null byte in whitespace that precedes the buffer."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en la macro HP_FILTER_TRIM_DEFAULT en el filtro de extensiones (ext/filter) del PHP 5.2.0 permite a atacantes dependientes del contexto ejecutar c\u00f3digo de su elecci\u00f3n llamando al filter_var con ciertos modos como el FILTER_VALIDATE_INT, lo que provoca que el filtro escriba un byte NULL en el espacio en blanco que precede al b\u00fafer."}], "id": "CVE-2007-1453", "lastModified": "2008-09-05T21:20:32.187", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-03-14T18:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25056"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25062"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2007/dsa-1283"}, {"source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"}, {"source": "cve@mitre.org", "url": "http://www.php-security.org/MOPB/MOPB-19-2007.html"}, {"source": "cve@mitre.org", "url": "http://www.php.net/releases/5_2_1.php"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/22922"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. The filter extension was not shipped in versions of PHP \nprovided for Red Hat Enterprise Linux 2.1, 3, 4, 5, Stronghold 4.0, or\nRed Hat Application Stack 1.", "lastModified": "2007-04-16T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}