Back to search

ELSA-2007-0889 Moderate: Enterprise Linux php security update

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	May 08, 2007	December 20, 2011	April 11, 2019

Description

The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

Free InsightVM Trial

References

OVAL-OVAL10839
APPLE-APPLE-SA-2008-03-18
BID-23813
BID-23818
BID-24089
BID-24261
BID-24268
CVE-2007-2509
CVE-2007-2756
CVE-2007-2872
CVE-2007-3799
CVE-2007-3996
CVE-2007-3998
CVE-2007-4658
DEBIAN-DSA-1295
DEBIAN-DSA-1296
DEBIAN-DSA-1444
DEBIAN-DSA-1578
DEBIAN-DSA-1613
OVAL-OVAL10363
OVAL-OVAL10603
OVAL-OVAL10779
OVAL-OVAL11147
OVAL-OVAL9424
OVAL-OVAL9792
REDHAT-RHSA-2007:0348
REDHAT-RHSA-2007:0349
REDHAT-RHSA-2007:0355
REDHAT-RHSA-2007:0888
REDHAT-RHSA-2007:0889
REDHAT-RHSA-2007:0890
REDHAT-RHSA-2007:0891
REDHAT-RHSA-2008:0146
SUSE-SUSE-SA:2007:044
SUSE-SUSE-SA:2008:004
URL: http://oss.oracle.com/pipermail/el-errata/2007-September/000339.html
XF-34413
XF-34420
XF-36377
XF-36382
XF-36383
XF-39398

Solution

oracle-linux-upgrade-php

Related Vulnerabilities

ELSA-2008-0146 Moderate: Enterprise Linux gd security update
CESA-2007:0890: php security update
SUSE Linux Security Advisory: SUSE-SR:2007:013
PHP Fixed an integer overflow inside chunk_split()
CESA-2007:0889: php security update
Gentoo Linux: CVE-2007-4658: PHP: Multiple vulnerabilities
Gentoo Linux: CVE-2007-3998: PHP: Multiple vulnerabilities
PHP Vulnerability: CVE-2007-2509
ELSA-2007-0349 Important: Enterprise Linux php security update
Amazon Linux AMI: Security patch for libwmf (ALAS-2015-604) (multiple CVEs)
RHSA-2007:0355: php security update
PHP Multiple Vulnerabilities Fixed in version 5.2.4
PHP Multiple Vulnerabilities Fixed in version 5.2.2
CESA-2007:0348: php security update
SUSE Linux Security Vulnerability: CVE-2007-3998
Gentoo Linux: CVE-2007-2509: PHP: Multiple vulnerabilities
USN-557-1: GD library vulnerability
ELSA-2009-0338 Moderate: Enterprise Linux php security update
SUSE Linux Security Advisory: SUSE-SA:2008:004
PHP Fixed an integer overflow inside chunk_split()
ELSA-2007-0890 Moderate: Enterprise Linux php security update
Gentoo Linux: CVE-2007-2756: PHP: Multiple vulnerabilities
RHSA-2007:0889: php security update
PHP Vulnerability: CVE-2007-2510
OS X security update 2008-002 for PHP (CVE-2007-3799)
Gentoo Linux: CVE-2007-2872: PHP: Multiple vulnerabilities
PHP Vulnerability: CVE-2007-1864
RHSA-2007:0917: php security update
Gentoo Linux: CVE-2007-3996: PHP: Multiple vulnerabilities
SUSE Linux Security Vulnerability: CVE-2007-2872
Gentoo Linux: CVE-2007-1864: PHP: Multiple vulnerabilities
RHSA-2007:0888: php security update
FreeBSD: php -- multiple vulnerabilities (Multiple CVEs)
SUSE Linux Security Vulnerability: CVE-2007-4658
PHP Fixed possible infinite loop in imagecreatefrompng
CESA-2007:0888: php security update
SUSE Linux Security Vulnerability: CVE-2007-3996
USN-473-1: libgd2 vulnerabilities
FreeBSD: libwmf -- multiple vulnerabilities (Multiple CVEs)
SUSE Linux Security Vulnerability: CVE-2007-2756
CESA-2007:0349: php security update
PHP Vulnerability: CVE-2007-3996
Gentoo Linux: CVE-2007-2510: PHP: Multiple vulnerabilities
F5 Networks: K7859 (CVE-2007-2509): Multiple PHP vulnerabilities
RHSA-2007:0890: php security update
SUSE-SA:2008:004: php4, php5
RHSA-2007:0348: php security update
PHP Vulnerability: CVE-2007-4658
PHP Vulnerability: CVE-2007-2872
SUSE Linux Security Advisory: SUSE-SR:2007:015
CESA-2008:0146: RHSA-2008:0146
USN-462-1: PHP vulnerabilities
SUSE Linux Security Advisory: SUSE-SA:2007:044
RHSA-2008:0146: gd security update
ELSA-2007-0348 Important: Enterprise Linux php security update
F5 Networks: K13519 (CVE-2007-3799): Multiple PHP vulnerabilities
SUSE Linux Security Vulnerability: CVE-2007-1864
SUSE Linux Security Vulnerability: CVE-2007-3799
SUSE Linux Security Vulnerability: CVE-2007-2510
RHSA-2007:0891: php security update
USN-485-1: PHP vulnerabilities
USN-549-1: PHP vulnerabilities
USN-720-1: PHP vulnerabilities
RHSA-2007:0349: php security update
PHP Vulnerability: CVE-2007-3799
PHP Vulnerability: CVE-2007-3998
SUSE Linux Security Vulnerability: CVE-2007-2509

Vulnerability & Exploit Database

ELSA-2007-0889 Moderate: Enterprise Linux php security update

Description

Scan For This Vulnerability

References

Solution

Related Vulnerabilities

Legal

Resources & Help

Connect With Us

Stay in touch:

Quick Cookie Notification

Vulnerability & Exploit Database

ELSA-2007-0889 Moderate: Enterprise Linux php security update

Description

Scan For This Vulnerability

References

Solution

Related Vulnerabilities

Legal

Resources & Help

Connect With Us

Stay in touch: