CVE-2007-0988

{"id": "CVE-2007-0988", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2007-02-20T17:28:00.000", "references": [{"url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228858", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://osvdb.org/32762", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2007-0089.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24195", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24217", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24236", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24248", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24284", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24295", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24322", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24419", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24421", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24432", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24606", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/24642", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25056", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25423", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25850", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/2315", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.php-security.org/MOPB/MOPB-05-2007.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.php.net/releases/5_2_1.php", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0076.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0081.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0082.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0088.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/461462/100/0/threaded", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1017671", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.trustix.org/errata/2007/0009/", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.ubuntu.com/usn/usn-424-1", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.ubuntu.com/usn/usn-424-2", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.us.debian.org/security/2007/dsa-1264", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/1991", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/2374", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32709", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://issues.rpath.com/browse/RPL-1088", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11092", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an \"a:2147483649:{\" argument."}, {"lang": "es", "value": "La funci\u00f3n zend_hash_init en PHP versi\u00f3n 5 anterior a 5.2.1 y PHP versi\u00f3n 4 anterior a 4.4.5, cuando se ejecuta en una plataforma de 64 bits, permite a los atacantes dependiendo del contexto causar una denegaci\u00f3n de servicio (bucle infinito) al deserializar ciertas expresiones de enteros, que solo causa que argumentos de 32 bits sean usados despu\u00e9s de la comprobaci\u00f3n de un valor negativo, como es demostrado por un argumento \"a:2147483649:{\"."}], "lastModified": "2019-10-09T22:52:17.180", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCAA3859-EAB8-4F6E-84FE-4DBBF9B1A251", "versionEndExcluding": "4.4.5", "versionStartIncluding": "4.0.0"}, {"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8CF9623-B049-425F-ADC0-3E7E94E2F7A3", "versionEndExcluding": "5.2.1", "versionStartIncluding": "5.0.0"}, {"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C"}, {"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B"}, {"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943"}, {"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502"}, {"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42"}, {"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80"}, {"criteria": "cpe:2.3:a:php:php:4.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8212495A-0F2A-4787-93F2-F6618F9A777B"}, {"criteria": "cpe:2.3:a:php:php:4.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6F0F8FC-C57A-4AEA-A59F-41140347318A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FA3A32E-445A-4D39-A8D5-75F5370AD23D"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704"}], "operator": "OR"}]}], "evaluatorComment": "Availability also affected by time out alarm for the script, which helps prevent infinite loops.", "sourceIdentifier": "cve@mitre.org"}