CVE Reference: CVE-2007-2510

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2007-2510

Description:
Buffer overflow in the make_http_soap_request function in PHP before 5.2.2 has unknown impact and remote attack vectors, possibly related to "/" (slash) characters.

CVE Status:
Candidate

References:

UBUNTU
  http://www.ubuntu.com/usn/usn-462-1

TRUSTIX
  http://www.trustix.org/errata/2007/0017/

SUSE
  http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html

ST
  1018023

SAID
  Secunia Advisory: SA25187
  Secunia Advisory: SA25191
  Secunia Advisory: SA25318
  Secunia Advisory: SA25255
  Secunia Advisory: SA25372
  Secunia Advisory: SA25445
  Secunia Advisory: SA26048

REDHAT
  http://www.redhat.com/support/errata/RHSA-2007-0355.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10715

OSVDB
  34675

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDKSA-2007:102

GENTOO
  http://security.gentoo.org/glsa/glsa-200705-19.xml

DEBIAN
  http://www.debian.org/security/2007/dsa-1295

CONFIRM
  http://viewcvs.php.net/viewvc.cgi/php-src/ext/soap/php_http.c?r1=1.77.2.11.2.5&r2=1.77.2.11.2.6
  http://us2.php.net/releases/5_2_2.php

BID
  23813
  24034


Return to the previous page.