CVE-2007-1864

PHP < 4.4.7 and 5.x < 5.2.2 - Buffer Overflow in Bundled libxmlrpc Library

Title source: llm
STIX 2.1

Description

Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.

References (30)

Core 30
Core References
Permissions Required, Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2187
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0355.html
Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25660
Third Party Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:103
Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25187
Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25191
Third Party Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:102
Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26048
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200705-19.xml
Broken Link vendor-advisory x_refsource_trustix
http://www.trustix.org/errata/2007/0017/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/23813
Patch, Vendor Advisory x_refsource_confirm
http://us2.php.net/releases/4_4_7.php
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0349.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2007/dsa-1331
Broken Link x_refsource_confirm
https://issues.rpath.com/browse/RPL-1693
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2007/dsa-1330
Patch, Vendor Advisory x_refsource_confirm
http://us2.php.net/releases/5_2_2.php
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-485-1
Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27377
Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25945
Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25255
Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26102
Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25445
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018024
Third Party Advisory x_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2007-231.htm
Broken Link vdb-entry x_refsource_osvdb
http://osvdb.org/34674
Third Party Advisory vendor-advisory x_refsource_redhat
https://rhn.redhat.com/errata/RHSA-2007-0348.html
Permissions Required, Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25938
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html

Scores

EPSS 0.0775
EPSS Percentile 92.0%

Details

CWE
CWE-119
Status published
Products (8)
canonical/ubuntu_linux 6.06
canonical/ubuntu_linux 6.10
canonical/ubuntu_linux 7.04
debian/debian_linux 3.1
debian/debian_linux 4.0
php/php < 4.4.7
redhat/enterprise_linux_server 5.0
redhat/enterprise_linux_workstation 5.0
Published May 09, 2007
Tracked Since Feb 18, 2026