CVE-2007-2728 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-2728
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2728

Description: The soap extension in PHP calls php_rand_r with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcrypt_create_iv issue covered by CVE-2007-2727.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-485-1 SUSE http://www.novell.com/linux/security/advisories/2007_15_sr.html SAID Secunia Advisory: SA25306 Secunia Advisory: SA26102 Secunia Advisory: SA26895 MISC http://blog.php-security.org/archives/80-Watching-the-PHP-CVS.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:187

Return to the previous page.