CVE-2007-1581 Common Vulnerabilities and Exposures

Upstream information

CVE-2007-1581 at MITRE

Description

The resource system in PHP 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting the hash_update_file function via a userspace (1) error or (2) stream handler, which can then be used to destroy and modify internal resources. NOTE: it was later reported that PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 are also affected.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having critical severity.

CVSS v2 Scores
CVSS detail	National Vulnerability Database
Base Score	9.3
Vector	AV:N/AC:M/Au:N/C:C/I:C/A:C
Access Vector	Network
Access Complexity	Medium
Authentication	None
Confidentiality Impact	Complete
Integrity Impact	Complete
Availability Impact	Complete

SUSE Bugzilla entries: 256310 [RESOLVED / REMIND], 992991 [RESOLVED]

No SUSE Security Announcements cross referenced.

SUSE Timeline for this CVE

CVE page created: Fri Jun 28 02:48:46 2013
CVE page last modified: Mon Oct 6 18:14:54 2025