PT-2007-3068 · Php+1 · Php+1

Published

2007-02-19

Updated

2019-10-09

CVE-2007-1701

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 4.4.5 PHP versions prior to 5.2.1

Description: The issue allows context-dependent attackers to execute arbitrary code via deserialization of session data. This occurs when register globals is enabled, and it can overwrite arbitrary global variables. An example of exploitation is by calling session decode() on a string beginning with " SESSION|s:39:".

Recommendations: For PHP versions prior to 4.4.5, update to version 4.4.5 or later to resolve the issue. For PHP versions prior to 5.2.1, update to version 5.2.1 or later to resolve the issue. As a temporary workaround, consider disabling the register globals setting until a patch is available.

Exploit

Fix

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-502

Related Identifiers

CVE-2007-1701

RHSA-2007:0076

RHSA-2007:0081

RHSA-2007:0082

RHSA-2007:0088

RHSA-2007:0089

RHSA-2007_0076

RHSA-2007_0082

Affected Products

Php

Red Hat

PT-2007-3068 · Php+1 · Php+1

CVE-2007-1701

Weakness Enumeration

Related Identifiers

Affected Products

References · 32