CVE-2007-2748
PHP < 5.2.1 - Information Disclosure via substr_count Function
Title source: llmDescription
The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375.
References (7)
Core 7
Core References
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/34730
Third Party Advisory mailing-list
x_refsource_vim
http://www.attrition.org/pipermail/vim/2007-May/001621.html
Third Party Advisory x_refsource_confirm
http://us2.php.net/releases/5_2_2.php
Third Party Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:187
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/24012
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26895
Third Party Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_15_sr.html
Scores
EPSS
0.0056
EPSS Percentile
68.4%
Details
CWE
CWE-200
Status
published
Products (1)
php/php
< 5.2.1
Published
May 17, 2007
Tracked Since
Feb 18, 2026