Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5898

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2007-5898
Last Modified 07 Mar 2011 10:01:28
Published 20 Nov 2007 01:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5898

Summary

The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.

Vulnerable Systems

Application

  • Php 5.2.4


References

SECUNIA - 27648

FEDORA - FEDORA-2008-3864

CONFIRM - https://launchpad.net/bugs/173043

CONFIRM - https://issues.rpath.com/browse/RPL-1943

UBUNTU - USN-549-1

UBUNTU - USN-628-1

UBUNTU - USN-549-2

HP - HPSBUX02332

REDHAT - RHSA-2008:0582

REDHAT - RHSA-2008:0546

REDHAT - RHSA-2008:0545

REDHAT - RHSA-2008:0544

REDHAT - RHSA-2008:0505

CONFIRM - http://www.php.net/releases/5_2_5.php

CONFIRM - http://www.php.net/ChangeLog-5.php#5.2.5

MANDRIVA - MDVSA-2008:127

MANDRIVA - MDVSA-2008:126

MANDRIVA - MDVSA-2008:125

DEBIAN - DSA-1444

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242

SECTRACK - 1018934

SECUNIA - 31200

SECUNIA - 31124

SECUNIA - 31119

SECUNIA - 30828

SECUNIA - 30040

SECUNIA - 28658

SECUNIA - 28249

SECUNIA - 27864

SECUNIA - 27659

SUSE - SUSE-SA:2008:004

HP - SSRT080056

Related Patches

Red Hat 2008:0544-06 RHSA Moderate: php security update for RHEL 5 x86


Last Updated: 27 May 2016 10:47:27