CVE-2007-1582

First published: Wed Mar 21 2007(Updated: )

The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD (ext/gd) extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify internal resources.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
PHP PHP	=4.3.9
PHP PHP	=4.0-beta1
PHP PHP	=5.1.5
PHP PHP	=5.1.2
PHP PHP	=4.0-beta4
PHP PHP	=4.2.0
PHP PHP	=5.1.1
PHP PHP	=4.4.4
PHP PHP	=5.0.0-beta1
PHP PHP	=4.1.0
PHP PHP	=5.1.6
PHP PHP	=4.3.4
PHP PHP	=4.0.4
PHP PHP	=4.3.0
PHP PHP	=4.0.5
PHP PHP	=5.0-rc1
PHP PHP	=5.0.5
PHP PHP	=4.3.6
PHP PHP	=5.0.1
PHP PHP	=5.1.4
PHP PHP	=4.0.7-rc2
PHP PHP	=4.3.7
PHP PHP	=5.0.4
PHP PHP	=4.0.7-rc1
PHP PHP	=4.2.2
PHP PHP	=4.4.2
PHP PHP	=4.0-rc1
PHP PHP	=4.3.2
PHP PHP	=4.3.11
PHP PHP	=4.0.0
PHP PHP	=4.0.3-patch1
PHP PHP	=4.0.7
PHP PHP	=4.0.2
PHP PHP	=4.3.3
PHP PHP	=5.0-rc3
PHP PHP	=4.1.1
PHP PHP	=4.4.3
PHP PHP	=5.0.0-rc2
PHP PHP	=5.0.3
PHP PHP	=4.2.3
PHP PHP	=5.1.0
PHP PHP	=4.4.5
PHP PHP	=4.0.1-patch1
PHP PHP	=5.0.0-rc3
PHP PHP	=4.0
PHP PHP	=4.0-beta2
PHP PHP	=4.0.1-patch2
PHP PHP	=4.0.6
PHP PHP	=5.2.0
PHP PHP	=5.0-rc2
PHP PHP	=4.1.2
PHP PHP	=5.0.0-beta3
PHP PHP	=4.0.7-rc3
PHP PHP	=4.0-rc2
PHP PHP	=4.3.1
PHP PHP	=5.1.3
PHP PHP	=4.0-beta_4_patch1
PHP PHP	=4.4.0
PHP PHP	=4.3.10
PHP PHP	=4.2.1
PHP PHP	=5.0.0-rc1
PHP PHP	=4.0.4-patch1
PHP PHP	=4.0.1
PHP PHP	=5.0.2
PHP PHP	=4.4.6
PHP PHP	=4.2
PHP PHP	=4.4.1
PHP PHP	=4.0-beta3
PHP PHP	=5.2.1
PHP PHP	=4.0.3
PHP PHP	=5.0.0-beta4
PHP PHP	=5.0.0
PHP PHP	=4.3.8
PHP PHP	=4.3.5
PHP PHP	=5.0.0-beta2

Never miss a vulnerability like this again

Reference Links

collector/nvd-historical
collector/nvd-index
agent/references
agent/severity
agent/weakness
agent/author
agent/tags
agent/type
agent/event
agent/description
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
collector/mitre-cve
source/MITRE
vendor/php
canonical/php php
version/php php/4.3.9
version/php php/4.0-beta1
version/php php/5.1.5
version/php php/5.1.2
version/php php/4.0-beta4
version/php php/4.2.0
version/php php/5.1.1
version/php php/4.4.4
version/php php/5.0.0-beta1
version/php php/4.1.0
version/php php/5.1.6
version/php php/4.3.4
version/php php/4.0.4
version/php php/4.3.0
version/php php/4.0.5
version/php php/5.0-rc1
version/php php/5.0.5
version/php php/4.3.6
version/php php/5.0.1
version/php php/5.1.4
version/php php/4.0.7-rc2
version/php php/4.3.7
version/php php/5.0.4
version/php php/4.0.7-rc1
version/php php/4.2.2
version/php php/4.4.2
version/php php/4.0-rc1
version/php php/4.3.2
version/php php/4.3.11
version/php php/4.0.0
version/php php/4.0.3-patch1
version/php php/4.0.7
version/php php/4.0.2
version/php php/4.3.3
version/php php/5.0-rc3
version/php php/4.1.1
version/php php/4.4.3
version/php php/5.0.0-rc2
version/php php/5.0.3
version/php php/4.2.3
version/php php/5.1.0
version/php php/4.4.5
version/php php/4.0.1-patch1
version/php php/5.0.0-rc3
version/php php/4.0
version/php php/4.0-beta2
version/php php/4.0.1-patch2
version/php php/4.0.6
version/php php/5.2.0
version/php php/5.0-rc2
version/php php/4.1.2
version/php php/5.0.0-beta3
version/php php/4.0.7-rc3
version/php php/4.0-rc2
version/php php/4.3.1
version/php php/5.1.3
version/php php/4.0-beta_4_patch1
version/php php/4.4.0
version/php php/4.3.10
version/php php/4.2.1
version/php php/5.0.0-rc1
version/php php/4.0.4-patch1
version/php php/4.0.1
version/php php/5.0.2
version/php php/4.4.6
version/php php/4.2
version/php php/4.4.1
version/php php/4.0-beta3
version/php php/5.2.1
version/php php/4.0.3
version/php php/5.0.0-beta4
version/php php/5.0.0
version/php php/4.3.8
version/php php/4.3.5
version/php php/5.0.0-beta2

CVE-2007-1582

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact