CVE-2007-0907
NONE EPSS 80.4%
Published Feb 13, 200719y ago ยท Modified Jun 16, 20262w ago
Published Feb 13, 2007 19y ago
Last Modified Jun 16, 2026 2w ago
Description
Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function.
Threat Intelligence
EPSS Exploit Probability
80.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 77
| Vendor | Product | Version | Range |
|---|---|---|---|
| php | php | 3.0 | any |
| php | php | 3.0.1 | any |
| php | php | 3.0.2 | any |
| php | php | 3.0.3 | any |
| php | php | 3.0.4 | any |
| php | php | 3.0.5 | any |
| php | php | 3.0.6 | any |
| php | php | 3.0.7 | any |
| php | php | 3.0.8 | any |
| php | php | 3.0.9 | any |
| php | php | 3.0.10 | any |
| php | php | 3.0.11 | any |
| php | php | 3.0.12 | any |
| php | php | 3.0.13 | any |
| php | php | 3.0.14 | any |
| php | php | 3.0.15 | any |
| php | php | 3.0.16 | any |
| php | php | 3.0.17 | any |
| php | php | 3.0.18 | any |
| php | php | 4.0 | any |
| php | php | 4.0.1 | any |
| php | php | 4.0.1 | any |
| php | php | 4.0.1 | any |
| php | php | 4.0.2 | any |
| php | php | 4.0.3 | any |
| php | php | 4.0.3 | any |
| php | php | 4.0.4 | any |
| php | php | 4.0.5 | any |
| php | php | 4.0.6 | any |
| php | php | 4.0.7 | any |
| php | php | 4.0.7 | any |
| php | php | 4.0.7 | any |
| php | php | 4.0.7 | any |
| php | php | 4.1.0 | any |
| php | php | 4.1.1 | any |
| php | php | 4.1.2 | any |
| php | php | 4.2 | any |
| php | php | 4.2.0 | any |
| php | php | 4.2.1 | any |
| php | php | 4.2.2 | any |
| php | php | 4.2.3 | any |
| php | php | 4.3.0 | any |
| php | php | 4.3.1 | any |
| php | php | 4.3.2 | any |
| php | php | 4.3.3 | any |
| php | php | 4.3.4 | any |
| php | php | 4.3.5 | any |
| php | php | 4.3.6 | any |
| php | php | 4.3.7 | any |
| php | php | 4.3.8 | any |
| php | php | 4.3.9 | any |
| php | php | 4.3.10 | any |
| php | php | 4.3.11 | any |
| php | php | 4.4.0 | any |
| php | php | 4.4.1 | any |
| php | php | 4.4.2 | any |
| php | php | 4.4.3 | any |
| php | php | 4.4.4 | any |
| php | php | 5.0 | any |
| php | php | 5.0 | any |
| php | php | 5.0 | any |
| php | php | 5.0.0 | any |
| php | php | 5.0.1 | any |
| php | php | 5.0.2 | any |
| php | php | 5.0.3 | any |
| php | php | 5.0.4 | any |
| php | php | 5.0.5 | any |
| php | php | 5.1.0 | any |
| php | php | 5.1.1 | any |
| php | php | 5.1.2 | any |
| php | php | 5.1.3 | any |
| php | php | 5.1.4 | any |
| php | php | 5.1.5 | any |
| php | php | 5.1.6 | any |
| php | php | 5.2.0 | any |
| trustix | secure_linux | 2.2 | any |
| trustix | secure_linux | 3.0 | any |
References 39
- patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
- lists.suse.com http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html
- osvdb.org http://osvdb.org/32767
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2007-0089.html
- secunia.com http://secunia.com/advisories/24089
- secunia.com http://secunia.com/advisories/24195
- secunia.com http://secunia.com/advisories/24217
- secunia.com http://secunia.com/advisories/24236
- secunia.com http://secunia.com/advisories/24248
- secunia.com http://secunia.com/advisories/24284
- secunia.com http://secunia.com/advisories/24295
- secunia.com http://secunia.com/advisories/24322
- secunia.com http://secunia.com/advisories/24419
- secunia.com http://secunia.com/advisories/24421
- secunia.com http://secunia.com/advisories/24432
- secunia.com http://secunia.com/advisories/24514
- secunia.com http://secunia.com/advisories/24606
- secunia.com http://secunia.com/advisories/24642
- security.gentoo.org http://security.gentoo.org/glsa/glsa-200703-21.xml
- support.avaya.com http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm
- support.avaya.com http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:048
- openpkg.com http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html
- php.net http://www.php.net/ChangeLog-5.php#5.2.1
- php.net http://www.php.net/releases/5_2_1.php
- redhat.com http://www.redhat.com/support/errata/RHSA-2007-0076.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2007-0081.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2007-0082.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2007-0088.html
- securityfocus.com http://www.securityfocus.com/archive/1/461462/100/0/threaded
- securityfocus.com http://www.securityfocus.com/bid/22496
- securitytracker.com http://www.securitytracker.com/id?1017671
- trustix.org http://www.trustix.org/errata/2007/0009/
- ubuntu.com http://www.ubuntu.com/usn/usn-424-1
- ubuntu.com http://www.ubuntu.com/usn/usn-424-2
- us.debian.org http://www.us.debian.org/security/2007/dsa-1264
- vupen.com http://www.vupen.com/english/advisories/2007/0546
- issues.rpath.com https://issues.rpath.com/browse/RPL-1088
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11321
Remediation
- securityfocus.com http://www.securityfocus.com/bid/22496