CVE-2008-2050

Published May 5, 2008

Last updated 2 years ago

Overview

Description: Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Vendor comments

Red HatThis issue does not affect the version of PHP shipped in Red Hat Enterprise Linux 2.1, 3, or 4. We do not consider this issue to be a security flaw for Red Hat Enterprise Linux 5 since no trust boundary is crossed. More information can be found here: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-2050

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18255FF5-3F40-483F-85DC-21D9B6B4FE07",
            "versionEndIncluding": "5.2.5"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B"
          },
          {
            "criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Vendor comments

Configurations

References