Vulnerability Name:

CVE-2007-1864 (CCN-34411)

Assigned:2007-05-03
Published:2007-05-03
Updated:2019-05-22
Summary:Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.
CVSS v3 Severity:5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2007-1864

Source: SUSE
Type: Mailing List, Third Party Advisory
SUSE-SA:2007:044

Source: OSVDB
Type: Broken Link
34674

Source: CCN
Type: RHSA-2007-0348
Important: php security update

Source: CCN
Type: RHSA-2007-0349
Important: php security update

Source: CCN
Type: RHSA-2007-0355
Important: php security update

Source: CCN
Type: SA25123
PHP Multiple Vulnerabilities

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
25187

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
25191

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
25255

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
25445

Source: CCN
Type: SA25660
Avaya Products PHP Multiple Vulnerabilities

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
25660

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
25938

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
25945

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
26048

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
26102

Source: SECUNIA
Type: Permissions Required, Third Party Advisory
27377

Source: GENTOO
Type: Third Party Advisory
GLSA-200705-19

Source: CCN
Type: SECTRACK ID: 1018024
PHP libxmlrpc Buffer Overflow May Let Remote Users Execute Arbitrary Code

Source: CCN
Type: ASA-2007-230
PHP security update (RHSA-2007-0355)

Source: CONFIRM
Type: Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-231.htm

Source: CCN
Type: ASA-2007-231
PHP security update (RHSA-2007-0349)

Source: CCN
Type: PHP 4.4.7 Release Announcement
Security Enhancements and Fixes in PHP 4.4.7

Source: CONFIRM
Type: Patch, Vendor Advisory
http://us2.php.net/releases/4_4_7.php

Source: CCN
Type: PHP 5.2.2 Release Announcement
Security Enhancements and Fixes in PHP 5.2.2

Source: CONFIRM
Type: Patch, Vendor Advisory
http://us2.php.net/releases/5_2_2.php

Source: DEBIAN
Type: Third Party Advisory
DSA-1330

Source: DEBIAN
Type: Third Party Advisory
DSA-1331

Source: DEBIAN
Type: DSA-1330
php5 -- several vulnerabilities

Source: DEBIAN
Type: DSA-1331
php4 -- several vulnerabilities

Source: CCN
Type: GLSA-200705-19
PHP: Multiple vulnerabilities

Source: MANDRIVA
Type: Third Party Advisory
MDKSA-2007:102

Source: MANDRIVA
Type: Third Party Advisory
MDKSA-2007:103

Source: CCN
Type: OSVDB ID: 34674
PHP libxmlrpc Unspecified Remote Overflow

Source: CCN
Type: PHP Web site
PHP: Hypertext Preprocessor

Source: REDHAT
Type: Third Party Advisory
RHSA-2007:0349

Source: REDHAT
Type: Third Party Advisory
RHSA-2007:0355

Source: BID
Type: Third Party Advisory, VDB Entry
23813

Source: CCN
Type: BID-23813
PHP Prior to 5.2.2/4.4.7 Multiple Remote Buffer Overflow Vulnerabilities

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1018024

Source: TRUSTIX
Type: Broken Link
2007-0017

Source: CCN
Type: USN-485-1
PHP vulnerabilities

Source: UBUNTU
Type: Third Party Advisory
USN-485-1

Source: VUPEN
Type: Permissions Required, Third Party Advisory
ADV-2007-2187

Source: XF
Type: UNKNOWN
php-libxmlrpc-bo(34411)

Source: CONFIRM
Type: Broken Link
https://issues.rpath.com/browse/RPL-1693

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:11257

Source: REDHAT
Type: Third Party Advisory
RHSA-2007:0348

Vulnerable Configuration:Configuration 1:
  • cpe:/a:php:php:*:*:*:*:*:*:*:* (Version < 4.4.7)
  • OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 5.1.0 and <= 5.1.6)
  • OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 5.2.0 and < 5.2.2)

    • Configuration 2:
  • cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:php:php:4.0.5:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.2.0:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.2.1:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.2.3:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.0:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.4:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.10:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.3:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.11:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.4:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.0:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.5:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.1.2:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.2:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.3:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.3:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.2.1:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.6:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.5:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.4:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.6:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0.7:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:beta4:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.1.0:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.2:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.5:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.6:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.7:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.1:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.4.4:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:beta4:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.0.1:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.1.0:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:php:php:5.1.5:-:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:php:php:4.0:rc2:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.5.z::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.5.z::es:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:avaya:communication_manager:3.1.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20071864
    V
    		CVE-2007-1864
    2015-11-16
    oval:org.mitre.oval:def:18613
    P
    		DSA-1330-1 php5 - several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:20488
    P
    		DSA-1331-1 php4 - several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:21802
    P
    		ELSA-2007:0348: php security update (Important)
    2014-05-26
    oval:org.mitre.oval:def:11257
    V
    		Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.
    2013-04-29
    oval:org.debian:def:1330
    V
    		several vulnerabilities
    2007-07-07
    oval:org.debian:def:1331
    V
    		several vulnerabilities
    2007-07-07
    oval:com.redhat.rhsa:def:20070349
    P
    		RHSA-2007:0349: php security update (Important)
    2007-05-09
    oval:com.redhat.rhsa:def:20070348
    P
    		RHSA-2007:0348: php security update (Important)
    2007-05-08
    BACK
    php php *
    php php *
    php php *
    debian debian linux 3.1
    debian debian linux 4.0
    canonical ubuntu linux 6.06
    canonical ubuntu linux 6.10
    canonical ubuntu linux 7.04
    redhat enterprise linux server 5.0
    redhat enterprise linux workstation 5.0
    php php 4.0.5
    php php 4.1.1
    php php 4.2.0
    php php 4.2.1
    php php 4.2.3
    php php 4.2.2
    php php 4.3.0
    php php 4.3.4
    php php 4.3.9
    php php 4.3.10
    php php 5.0.3
    php php 4.3.11
    php php 5.0.4
    php php 5.0.0
    php php 4.4.0
    php php 5.0.5
    php php 5.1.1
    php php 5.1.2
    php php 5.1.4
    php php 4.4.2
    php php 4.3.3
    php php 5.0.2
    php php 4.4.3
    php php 5.1.6
    php php 5.2.0
    php php 5.2.1
    php php 4.4.6
    php php 4.4.5
    php php 4.0 beta1
    php php 4.0.1
    php php 4.0.2
    php php 4.0.3
    php php 4.0.4
    php php 4.0.6
    php php 4.0.7
    php php 4.0 beta_4_patch1
    php php 4.0 beta1
    php php 4.0 beta2
    php php 4.0 beta3
    php php 4.0 beta4
    php php 4.1.0
    php php 4.1.2
    php php 4.3.1
    php php 4.3.2
    php php 4.3.5
    php php 4.3.6
    php php 4.3.7
    php php 4.3.8
    php php 4.4.1
    php php 4.4.4
    php php 5.0.0 beta1
    php php 5.0.0 beta2
    php php 5.0.0 beta3
    php php 5.0.0 beta4
    php php 5.0.0 rc1
    php php 5.0.0 rc2
    php php 5.0.0 rc3
    php php 5.0.1
    php php 5.1.0
    php php 5.1.3
    php php 5.1.5
    php php 4.0 rc1
    php php 4.0 rc2
    gentoo linux *
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    debian debian linux 3.1
    mandrakesoft mandrake multi network firewall 2.0
    canonical ubuntu 6.06
    mandrakesoft mandrake linux 2007
    mandrakesoft mandrake linux 2007
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2007.1
    mandrakesoft mandrake linux 2008.0
    debian debian linux 4.0
    avaya communication manager 3.1
    canonical ubuntu 7.04
    mandrakesoft mandrake linux 2007.1
    avaya communication manager 2.0
    redhat enterprise linux 4.5.z
    redhat enterprise linux 4.5.z
    avaya communication manager 4.0
    avaya communication manager 2.0.1
    avaya converged communications server 2.0
    avaya communication manager 3.1.1