CVE-2007-1452
Published Mar 14, 2007
Last updated 16 years ago
Overview
- Description
- The FDF support (ext/fdf) in PHP 5.2.0 and earlier does not implement the input filtering hooks for ext/filter, which allows remote attackers to bypass web site filters via an application/vnd.fdf formatted POST.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Vendor comments
- Red HatNot vulnerable. The filter extension was not shipped in versions of PHP provided for Red Hat Enterprise Linux 2.1, 3, 4, 5, Stronghold 4.0, or Red Hat Application Stack 1.
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F"
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3797AB5-9E49-4251-A212-B6E5D9996764"
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7"
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F"
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B"
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF"
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD"
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9"
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781"
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55"
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A"
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790"
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10"
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0"
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820"
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87"
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99"
}
],
"operator": "OR"
}
]
}
]