CVE-2007-1396

PHP 4.0.7-4.4.6 and 5.x < 5.2.2 - Superglobal Overwrite via import_request_variables

Title source: llm
STIX 2.1

Description

The import_request_variables function in PHP 4.0.7 through 4.4.6, and 5.x before 5.2.2, when called without a prefix, does not prevent the (1) GET, (2) POST, (3) COOKIE, (4) FILES, (5) SERVER, (6) SESSION, and other superglobals from being overwritten, which allows remote attackers to spoof source IP address and Referer data, and have other unspecified impact. NOTE: it could be argued that this is a design limitation of PHP and that only the misuse of this feature, i.e. implementation bugs in applications, should be included in CVE. However, it has been fixed by the vendor.

References (10)

Core 10
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/462263/100/0/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/462800/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26048
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22886
Release Notes x_refsource_confirm
http://us2.php.net/releases/4_4_7.php
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2406
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/462457/100/0/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/462658/100/0/threaded
Release Notes x_refsource_confirm
http://us2.php.net/releases/5_2_2.php

Scores

EPSS 0.0196
EPSS Percentile 83.7%

Details

Status published
Products (42)
php/php 4.0.7
php/php 4.1.0
php/php 4.1.1
php/php 4.1.2
php/php 4.2.0
php/php 4.2.1
php/php 4.2.2
php/php 4.2.3
php/php 4.3.0
php/php 4.3.1
... and 32 more
Published Mar 10, 2007
Tracked Since Feb 18, 2026