CVE-2007-0907

Upstream information

CVE-2007-0907 at MITRE

Description

Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	5
Vector	AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector	Network
Access Complexity	Low
Authentication	None
Confidentiality Impact	None
Integrity Impact	None
Availability Impact	Partial

SUSE Bugzilla entries: 244034 [RESOLVED / FIXED], 255739 [RESOLVED / DUPLICATE]

SUSE Security Advisories:

SUSE-SA:2007:020, published Thu, 15 Mar 2007 12:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
SUSE Linux Enterprise Server 10 SP1 for AMD64 and Intel EM64T SUSE Linux Enterprise Server 10 SP1 for IBM POWER SUSE Linux Enterprise Server 10 SP1 for IBM zSeries 64bit SUSE Linux Enterprise Server 10 SP1 for IPF SUSE Linux Enterprise Server 10 SP1 for x86	`apache2 >= 2.2.3-16.9` `apache2-devel >= 2.2.3-16.9` `apache2-doc >= 2.2.3-16.9` `apache2-example-pages >= 2.2.3-16.9` `apache2-mod_php5 >= 5.1.2-29.35` `apache2-prefork >= 2.2.3-16.9` `apache2-worker >= 2.2.3-16.9` `php5 >= 5.1.2-29.35` `php5-bcmath >= 5.1.2-29.35` `php5-bz2 >= 5.1.2-29.35` `php5-calendar >= 5.1.2-29.35` `php5-ctype >= 5.1.2-29.35` `php5-curl >= 5.1.2-29.35` `php5-dba >= 5.1.2-29.35` `php5-dbase >= 5.1.2-29.35` `php5-devel >= 5.1.2-29.35` `php5-dom >= 5.1.2-29.35` `php5-exif >= 5.1.2-29.35` `php5-fastcgi >= 5.1.2-29.35` `php5-filepro >= 5.1.2-29.35` `php5-ftp >= 5.1.2-29.35` `php5-gd >= 5.1.2-29.35` `php5-gettext >= 5.1.2-29.35` `php5-gmp >= 5.1.2-29.35` `php5-iconv >= 5.1.2-29.35` `php5-imap >= 5.1.2-29.35` `php5-ldap >= 5.1.2-29.35` `php5-mbstring >= 5.1.2-29.35` `php5-mcrypt >= 5.1.2-29.35` `php5-mhash >= 5.1.2-29.35` `php5-mysql >= 5.1.2-29.35` `php5-mysqli >= 5.1.2-29.35` `php5-ncurses >= 5.1.2-29.35` `php5-odbc >= 5.1.2-29.35` `php5-openssl >= 5.1.2-29.35` `php5-pcntl >= 5.1.2-29.35` `php5-pdo >= 5.1.2-29.35` `php5-pear >= 5.1.2-29.35` `php5-pgsql >= 5.1.2-29.35` `php5-posix >= 5.1.2-29.35` `php5-pspell >= 5.1.2-29.35` `php5-shmop >= 5.1.2-29.35` `php5-snmp >= 5.1.2-29.35` `php5-soap >= 5.1.2-29.35` `php5-sockets >= 5.1.2-29.35` `php5-sqlite >= 5.1.2-29.35` `php5-sysvmsg >= 5.1.2-29.35` `php5-sysvsem >= 5.1.2-29.35` `php5-sysvshm >= 5.1.2-29.35` `php5-tokenizer >= 5.1.2-29.35` `php5-wddx >= 5.1.2-29.35` `php5-xmlreader >= 5.1.2-29.35` `php5-xmlrpc >= 5.1.2-29.35` `php5-xsl >= 5.1.2-29.35` `php5-zlib >= 5.1.2-29.35`	sles10.x86 sles10.s390x ZYPP Patch Nr: 2769
SUSE LINUX Retail Solution 8 SuSE Linux Enterprise Server 8 for AMD64 SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries SuSE Linux Enterprise Server 8 for IBM zSeries SuSE Linux Enterprise Server 8 for IPF SuSE Linux Openexchange Server 4 SuSE Linux School Server for i386 SuSE Linux Standard Server 8 UnitedLinux 1.0	`mod_php4 >= 4.2.2-522` `mod_php4-core >= 4.2.2-522` `mod_php4-devel >= 4.2.2-522` `mod_php4-servlet >= 4.2.2-522`	ul1.s390 slrs8.x86 YOU Patch Nr: 11455
SUSE LINUX 10.0	`apache2-mod_php4 >= 4.4.0-6.25` `mod_php4-core >= 4.4.0-6.25` `mod_php4-servlet >= 4.4.0-6.25` `php4 >= 4.4.0-6.25` `php4-32bit >= 4.4.0-6.25` `php4-64bit >= 4.4.0-6.25` `php4-devel >= 4.4.0-6.25` `php4-exif >= 4.4.0-6.25` `php4-fastcgi >= 4.4.0-6.25` `php4-imap >= 4.4.0-6.25` `php4-mhash >= 4.4.0-6.25` `php4-mysql >= 4.4.0-6.25` `php4-pear >= 4.4.0-6.25` `php4-servlet >= 4.4.0-6.25` `php4-session >= 4.4.0-6.25` `php4-sysvshm >= 4.4.0-6.25` `php4-unixODBC >= 4.4.0-6.25` `php4-wddx >= 4.4.0-6.25`
SUSE LINUX 9.3	`apache2-mod_php4 >= 4.3.10-14.35` `mod_php4-core >= 4.3.10-14.35` `mod_php4-servlet >= 4.3.10-14.35` `php4 >= 4.3.10-14.35` `php4-32bit >= 9.3-7.15` `php4-devel >= 4.3.10-14.35` `php4-exif >= 4.3.10-14.35` `php4-fastcgi >= 4.3.10-14.35` `php4-imap >= 4.3.10-14.35` `php4-mhash >= 4.3.10-14.35` `php4-mysql >= 4.3.10-14.35` `php4-pear >= 4.3.10-14.35` `php4-servlet >= 4.3.10-14.35` `php4-session >= 4.3.10-14.35` `php4-sysvshm >= 4.3.10-14.35` `php4-unixODBC >= 4.3.10-14.35` `php4-wddx >= 4.3.10-14.35`
Open Enterprise Server	`apache-mod_php4 >= 4.3.4-43.75` `apache2-mod_php4 >= 4.3.4-43.75` `mod_php4-core >= 4.3.4-43.75` `mod_php4-servlet >= 4.3.4-43.75` `php4 >= 4.3.4-43.75` `php4-devel >= 4.3.4-43.75` `php4-exif >= 4.3.4-43.75` `php4-fastcgi >= 4.3.4-43.75` `php4-imap >= 4.3.4-43.75` `php4-mhash >= 4.3.4-43.75` `php4-mysql >= 4.3.4-43.75` `php4-pear >= 4.3.4-43.75` `php4-servlet >= 4.3.4-43.75` `php4-session >= 4.3.4-43.75` `php4-sysvshm >= 4.3.4-43.75` `php4-unixODBC >= 4.3.4-43.75` `php4-wddx >= 4.3.4-43.75`	core9.s390 core9.x86 YOU Patch Nr: 11444
SUSE Linux Enterprise Server 10 SP1 for AMD64 and Intel EM64T SUSE Linux Enterprise Server 10 SP1 for IBM POWER SUSE Linux Enterprise Server 10 SP1 for IBM zSeries 64bit SUSE Linux Enterprise Server 10 SP1 for IPF SUSE Linux Enterprise Server 10 SP1 for x86	`php5-suhosin >= 5.1.2-29.35`	sles10.x86 sles10.s390x ZYPP Patch Nr: 2875
SUSE LINUX 10.0	`apache2-mod_php5 >= 5.0.4-9.25` `php5 >= 5.0.4-9.25` `php5-bcmath >= 5.0.4-9.25` `php5-curl >= 5.0.4-9.25` `php5-devel >= 5.0.4-9.25` `php5-dom >= 5.0.4-9.25` `php5-exif >= 5.0.4-9.25` `php5-fastcgi >= 5.0.4-9.25` `php5-ftp >= 5.0.4-9.25` `php5-gd >= 5.0.4-9.25` `php5-iconv >= 5.0.4-9.25` `php5-imap >= 5.0.4-9.25` `php5-ldap >= 5.0.4-9.25` `php5-mbstring >= 5.0.4-9.25` `php5-mhash >= 5.0.4-9.25` `php5-mysql >= 5.0.4-9.25` `php5-mysqli >= 5.0.4-9.25` `php5-odbc >= 5.0.4-9.25` `php5-pear >= 5.0.4-9.25` `php5-pgsql >= 5.0.4-9.25` `php5-soap >= 5.0.4-9.25` `php5-sysvmsg >= 5.0.4-9.25` `php5-sysvshm >= 5.0.4-9.25` `php5-wddx >= 5.0.4-9.25` `php5-xmlrpc >= 5.0.4-9.25`
SUSE LINUX 10.1	`apache2-mod_php5 >= 5.1.2-29.25.3` `php5 >= 5.1.2-29.25.3` `php5-bcmath >= 5.1.2-29.25.3` `php5-curl >= 5.1.2-29.25.3` `php5-dba >= 5.1.2-29.25.3` `php5-devel >= 5.1.2-29.25.3` `php5-dom >= 5.1.2-29.25.3` `php5-exif >= 5.1.2-29.25.3` `php5-fastcgi >= 5.1.2-29.25.3` `php5-ftp >= 5.1.2-29.25.3` `php5-gd >= 5.1.2-29.25.3` `php5-iconv >= 5.1.2-29.25.3` `php5-imap >= 5.1.2-29.25.3` `php5-ldap >= 5.1.2-29.25.3` `php5-mbstring >= 5.1.2-29.25.3` `php5-mhash >= 5.1.2-29.25.3` `php5-mysql >= 5.1.2-29.25.3` `php5-mysqli >= 5.1.2-29.25.3` `php5-odbc >= 5.1.2-29.25.3` `php5-pear >= 5.1.2-29.25.3` `php5-pgsql >= 5.1.2-29.25.3` `php5-soap >= 5.1.2-29.25.3` `php5-sysvmsg >= 5.1.2-29.25.3` `php5-sysvshm >= 5.1.2-29.25.3` `php5-wddx >= 5.1.2-29.25.3` `php5-xmlrpc >= 5.1.2-29.25.3`
SUSE LINUX 9.3	`apache2-mod_php5 >= 5.0.3-14.35` `php5 >= 5.0.3-14.35` `php5-bcmath >= 5.0.3-14.35` `php5-curl >= 5.0.3-14.35` `php5-dba >= 5.0.3-14.35` `php5-devel >= 5.0.3-14.35` `php5-dom >= 5.0.3-14.35` `php5-exif >= 5.0.3-14.35` `php5-fastcgi >= 5.0.3-14.35` `php5-ftp >= 5.0.3-14.35` `php5-gd >= 5.0.3-14.35` `php5-iconv >= 5.0.3-14.35` `php5-imap >= 5.0.3-14.35` `php5-ldap >= 5.0.3-14.35` `php5-mbstring >= 5.0.3-14.35` `php5-mhash >= 5.0.3-14.35` `php5-mysql >= 5.0.3-14.35` `php5-mysqli >= 5.0.3-14.35` `php5-odbc >= 5.0.3-14.35` `php5-pear >= 5.0.3-14.35` `php5-pgsql >= 5.0.3-14.35` `php5-soap >= 5.0.3-14.35` `php5-sysvmsg >= 5.0.3-14.35` `php5-sysvshm >= 5.0.3-14.35` `php5-wddx >= 5.0.3-14.35` `php5-xmlrpc >= 5.0.3-14.35`

CVE-2007-0907

Common Vulnerabilities and Exposures

Upstream information

Description

SUSE information

List of released packages

Soluções

Enterprise Linux

Computação essencial

Soluções na nuvem

Armazenamento definido por software

Soluções SAP

Gerenciamento da infraestrutura de TI

Produtos

Tópicos frequentes

Tópicos frequentes

Tópicos frequentes

Tópicos frequentes

Tópicos frequentes

Tópicos frequentes

Ofertas de suporte

Recursos de suporte

Serviços

Parceiros