Oval Definition:oval:org.opensuse.security:def:20071454
Revision Date:2012-07-03
Version:1
Title:CVE-2007-1454
Description:

ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a '<' character followed by certain whitespace characters, which passes one filter but is collapsed into a valid tag, as demonstrated using %0b.
Family:unix
Class:vulnerability
Status:
Reference(s):CVE-2007-1454
Platform(s):openSUSE 10.2
Product(s):
Definition Synopsis
  • suse102 is installed
  • AND Package Information
  • apache2-mod_php5 less than 5.2.0-14
  • OR php5-bcmath less than 5.2.0-14
  • OR php5-bz2 less than 5.2.0-14
  • OR php5-calendar less than 5.2.0-14
  • OR php5-ctype less than 5.2.0-14
  • OR php5-curl less than 5.2.0-14
  • OR php5-dba less than 5.2.0-14
  • OR php5-dbase less than 5.2.0-14
  • OR php5-devel less than 5.2.0-14
  • OR php5-dom less than 5.2.0-14
  • OR php5-exif less than 5.2.0-14
  • OR php5-fastcgi less than 5.2.0-14
  • OR php5-ftp less than 5.2.0-14
  • OR php5-gd less than 5.2.0-14
  • OR php5-gettext less than 5.2.0-14
  • OR php5-gmp less than 5.2.0-14
  • OR php5-hash less than 5.2.0-14
  • OR php5-iconv less than 5.2.0-14
  • OR php5-imap less than 5.2.0-14
  • OR php5-json less than 5.2.0-14
  • OR php5-ldap less than 5.2.0-14
  • OR php5-mbstring less than 5.2.0-14
  • OR php5-mcrypt less than 5.2.0-14
  • OR php5-mhash less than 5.2.0-14
  • OR php5-mysql less than 5.2.0-14
  • OR php5-ncurses less than 5.2.0-14
  • OR php5-odbc less than 5.2.0-14
  • OR php5-openssl less than 5.2.0-14
  • OR php5-pcntl less than 5.2.0-14
  • OR php5-pdo less than 5.2.0-14
  • OR php5-pear less than 5.2.0-14
  • OR php5-pgsql less than 5.2.0-14
  • OR php5-posix less than 5.2.0-14
  • OR php5-pspell less than 5.2.0-14
  • OR php5-shmop less than 5.2.0-14
  • OR php5-snmp less than 5.2.0-14
  • OR php5-soap less than 5.2.0-14
  • OR php5-sockets less than 5.2.0-14
  • OR php5-sqlite less than 5.2.0-14
  • OR php5-suhosin less than 5.2.0-14
  • OR php5-sysvmsg less than 5.2.0-14
  • OR php5-sysvsem less than 5.2.0-14
  • OR php5-sysvshm less than 5.2.0-14
  • OR php5-tidy less than 5.2.0-14
  • OR php5-tokenizer less than 5.2.0-14
  • OR php5-wddx less than 5.2.0-14
  • OR php5-xmlreader less than 5.2.0-14
  • OR php5-xmlrpc less than 5.2.0-14
  • OR php5-xmlwriter less than 5.2.0-14
  • OR php5-xsl less than 5.2.0-14
  • OR php5-zip less than 5.2.0-14
  • OR php5-zlib less than 5.2.0-14