Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2007-0908

The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name before a numerical variable.

Published

2007-02-13T23:28:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	php	php	< 4.4.5	Yes
Application	php	php	< 5.2.1	Yes
Application	php	php	4.0	Yes
Application	php	php	4.0	Yes
Application	php	php	4.0	Yes
Application	php	php	4.0	Yes
Application	php	php	4.0	Yes
Application	php	php	4.0	Yes
Application	php	php	4.0	Yes
Application	php	php	4.0	Yes
Operating System	canonical	ubuntu_linux	5.10	Yes
Operating System	canonical	ubuntu_linux	6.06	Yes
Operating System	canonical	ubuntu_linux	6.10	Yes

References

ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc Broken Link ([email protected])
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html Broken Link ([email protected])
http://osvdb.org/32766 Broken Link ([email protected])
http://rhn.redhat.com/errata/RHSA-2007-0089.html Third Party Advisory ([email protected])
http://secunia.com/advisories/24089 Third Party Advisory ([email protected])
http://secunia.com/advisories/24195 Third Party Advisory ([email protected])
http://secunia.com/advisories/24217 Third Party Advisory ([email protected])
http://secunia.com/advisories/24236 Third Party Advisory ([email protected])
http://secunia.com/advisories/24248 Third Party Advisory ([email protected])
http://secunia.com/advisories/24284 Third Party Advisory ([email protected])
http://secunia.com/advisories/24295 Third Party Advisory ([email protected])
http://secunia.com/advisories/24322 Third Party Advisory ([email protected])
http://secunia.com/advisories/24419 Third Party Advisory ([email protected])
http://secunia.com/advisories/24421 Third Party Advisory ([email protected])
http://secunia.com/advisories/24432 Third Party Advisory ([email protected])
http://secunia.com/advisories/24514 Third Party Advisory ([email protected])
http://secunia.com/advisories/24606 Third Party Advisory ([email protected])
http://secunia.com/advisories/24642 Third Party Advisory ([email protected])
http://security.gentoo.org/glsa/glsa-200703-21.xml Third Party Advisory ([email protected])
http://securityreason.com/securityalert/2321 Third Party Advisory ([email protected])
http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm Third Party Advisory ([email protected])
http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm Third Party Advisory ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2007:048 Third Party Advisory ([email protected])
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html Third Party Advisory ([email protected])
http://www.php-security.org/MOPB/MOPB-11-2007.html Third Party Advisory ([email protected])
http://www.php.net/ChangeLog-5.php#5.2.1 Third Party Advisory ([email protected])
http://www.php.net/releases/5_2_1.php Third Party Advisory ([email protected])
http://www.redhat.com/support/errata/RHSA-2007-0076.html Third Party Advisory ([email protected])
http://www.redhat.com/support/errata/RHSA-2007-0081.html Third Party Advisory ([email protected])
http://www.redhat.com/support/errata/RHSA-2007-0082.html Third Party Advisory ([email protected])
http://www.redhat.com/support/errata/RHSA-2007-0088.html Third Party Advisory ([email protected])
http://www.securityfocus.com/archive/1/461462/100/0/threaded Third Party Advisory, VDB Entry ([email protected])
http://www.securityfocus.com/bid/22496 Patch, Third Party Advisory, VDB Entry ([email protected])
http://www.securityfocus.com/bid/22806 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id?1017671 Third Party Advisory, VDB Entry ([email protected])
http://www.trustix.org/errata/2007/0009/ Broken Link ([email protected])
http://www.ubuntu.com/usn/usn-424-1 Third Party Advisory ([email protected])
http://www.ubuntu.com/usn/usn-424-2 Third Party Advisory ([email protected])
http://www.us.debian.org/security/2007/dsa-1264 Broken Link ([email protected])
http://www.vupen.com/english/advisories/2007/0546 Permissions Required, Third Party Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/32493 Third Party Advisory, VDB Entry ([email protected])
https://issues.rpath.com/browse/RPL-1088 Broken Link ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11185 Third Party Advisory ([email protected])
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/32766 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2007-0089.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24089 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24195 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24217 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24236 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24248 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24284 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24295 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24322 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24419 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24421 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24432 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24514 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24606 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24642 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200703-21.xml Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://securityreason.com/securityalert/2321 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2007:048 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.php-security.org/MOPB/MOPB-11-2007.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.php.net/ChangeLog-5.php#5.2.1 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.php.net/releases/5_2_1.php Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2007-0076.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2007-0081.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2007-0082.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2007-0088.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/461462/100/0/threaded Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/22496 Patch, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/22806 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1017671 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.trustix.org/errata/2007/0009/ Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-424-1 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-424-2 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.us.debian.org/security/2007/dsa-1264 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/0546 Permissions Required, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32493 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://issues.rpath.com/browse/RPL-1088 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11185 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)