Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:CGI abuses
Title:PHP < 4.4.7/5.2.3 Multiple Vulnerabilities

The remote host is vulnerable to denial of service attacks and
arbitrary code execution vulnerabilities via the 'chunk_split'
function. As well, open_basedir and safe_mode restrictions
are not enforced under certain situations.

Versions up to and including 4.4.6 and 5.2.2 are vulnerable.

Solution : Upgrade to PHP 5.2.3/4.4.7 or later.

Risk factor : High

CVSS Score:

Cross-Ref: BugTraq ID: 24261
BugTraq ID: 24259
Common Vulnerability Exposure (CVE) ID: CVE-2007-3007
SuSE Security Announcement: SUSE-SA:2007:044 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2007-2872
Bugtraq: 20070601 SEC Consult SA-20070601-0 :: PHP chunk_split() integer overflow (Google Search)
HPdes Security Advisory: HPSBUX02262
HPdes Security Advisory: HPSBUX02308
HPdes Security Advisory: HPSBUX02332
HPdes Security Advisory: SSRT071447
HPdes Security Advisory: SSRT080010
HPdes Security Advisory: SSRT080056
RedHat Security Advisories: RHSA-2007:0889
SuSE Security Announcement: SUSE-SA:2008:004 (Google Search)
XForce ISS Database: php-chunksplit-security-bypass(39398)
CopyrightCopyright (c) 2007 E-Soft Inc.

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.