CVE-2007-2511
PHP < 5.2.2 - Buffer Overflow in user_filter_factory_create
Buffer overflow in the user_filter_factory_create function in PHP before 5.2.2 has unknown impact and local attack vectors.
References (13)
Core References
Various Sources x_refsource_confirm
http://viewcvs.php.net/viewvc.cgi/php-src/ext/standard/user_filters.c?r1=1.31.2.4.2.5&r2=1.31.2.4.2.6
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-462-1
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/34676
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25191
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:102
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26048
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200705-19.xml
Vendor Advisory vendor-advisory
x_refsource_trustix
http://www.trustix.org/errata/2007/0017/
Release Notes x_refsource_confirm
http://us2.php.net/releases/5_2_2.php
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25255
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25445
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25372
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
Scores
EPSS
0.0009
EPSS Percentile
24.9%
Details
Status
published
Products (36)
php/php
4.0.0
php/php
4.0.1 (3 CPE variants)
php/php
4.0.2
php/php
4.0.3 (2 CPE variants)
php/php
4.0.4 (2 CPE variants)
php/php
4.0.5
php/php
4.0.6
php/php
4.0.7 (4 CPE variants)
php/php
4.1.0
php/php
4.1.1
... and 26 more
Published
May 09, 2007
Tracked Since
Feb 18, 2026