Rapid7 Vulnerability & Exploit Database

PHP Vulnerability: CVE-2007-3806

Back to Search

PHP Vulnerability: CVE-2007-3806

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
07/16/2007
Created
07/25/2018
Added
10/01/2012
Modified
07/21/2021

Description

The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter, probably related to memory corruption or an invalid read on win32 platforms, and possibly related to lack of initialization for a glob structure.

Solution(s)

  • php-upgrade-5_2_4

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;