CVE-2007-1886 - Vulnerability Details

Vendors	Products
Php	Php

Link	Providers
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137
http://secunia.com/advisories/25423
http://secunia.com/advisories/25850
http://www.php-security.org/MOPB/MOPB-39-2007.html
http://www.vupen.com/english/advisories/2007/1991
http://www.vupen.com/english/advisories/2007/2374
https://exchange.xforce.ibmcloud.com/vulnerabilities/33768

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-03-31T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an \"off by one overflow.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "php-strreplace-single-unspecified(33768)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33768"}, {"name": "ADV-2007-1991", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/1991"}, {"name": "SSRT071423", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506"}, {"name": "HPSBTU02232", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137"}, {"name": "SSRT071429", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137"}, {"name": "ADV-2007-2374", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2374"}, {"name": "25423", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25423"}, {"name": "HPSBMA02215", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506"}, {"name": "25850", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25850"}, {"tags": ["x_refsource_MISC"], "url": "http://www.php-security.org/MOPB/MOPB-39-2007.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1886", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an \"off by one overflow.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "php-strreplace-single-unspecified(33768)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33768"}, {"name": "ADV-2007-1991", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1991"}, {"name": "SSRT071423", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506"}, {"name": "HPSBTU02232", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137"}, {"name": "SSRT071429", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137"}, {"name": "ADV-2007-2374", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2374"}, {"name": "25423", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25423"}, {"name": "HPSBMA02215", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506"}, {"name": "25850", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25850"}, {"name": "http://www.php-security.org/MOPB/MOPB-39-2007.html", "refsource": "MISC", "url": "http://www.php-security.org/MOPB/MOPB-39-2007.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T13:13:41.976Z"}, "title": "CVE Program Container", "references": [{"name": "php-strreplace-single-unspecified(33768)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33768"}, {"name": "ADV-2007-1991", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/1991"}, {"name": "SSRT071423", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506"}, {"name": "HPSBTU02232", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137"}, {"name": "SSRT071429", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137"}, {"name": "ADV-2007-2374", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2374"}, {"name": "25423", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25423"}, {"name": "HPSBMA02215", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506"}, {"name": "25850", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25850"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.php-security.org/MOPB/MOPB-39-2007.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1886", "datePublished": "2007-04-06T01:00:00", "dateReserved": "2007-04-05T00:00:00", "dateUpdated": "2024-08-07T13:13:41.976Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2007-03-31T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow." (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-07-28T12:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : php-strreplace-single-unspecified(33768) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/33768 (string)

}

1 : { »

name : ADV-2007-1991 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2007/1991 (string)

}

2 : { »

name : SSRT071423 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 (string)

}

3 : { »

name : HPSBTU02232 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 (string)

}

4 : { »

name : SSRT071429 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 (string)

}

5 : { »

name : ADV-2007-2374 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2007/2374 (string)

}

6 : { »

name : 25423 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/25423 (string)

}

7 : { »

name : HPSBMA02215 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 (string)

}

8 : { »

name : 25850 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/25850 (string)

}

9 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://www.php-security.org/MOPB/MOPB-39-2007.html (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2007-1886 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow." (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : php-strreplace-single-unspecified(33768) (string)

refsource : XF (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/33768 (string)

}

1 : { »

name : ADV-2007-1991 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2007/1991 (string)

}

2 : { »

name : SSRT071423 (string)

refsource : HP (string)

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 (string)

}

3 : { »

name : HPSBTU02232 (string)

refsource : HP (string)

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 (string)

}

4 : { »

name : SSRT071429 (string)

refsource : HP (string)

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 (string)

}

5 : { »

name : ADV-2007-2374 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2007/2374 (string)

}

6 : { »

name : 25423 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/25423 (string)

}

7 : { »

name : HPSBMA02215 (string)

refsource : HP (string)

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 (string)

}

8 : { »

name : 25850 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/25850 (string)

}

9 : { »

name : http://www.php-security.org/MOPB/MOPB-39-2007.html (string)

refsource : MISC (string)

url : http://www.php-security.org/MOPB/MOPB-39-2007.html (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T13:13:41.976Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : php-strreplace-single-unspecified(33768) (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_XF (string)

2 : x_transferred (string)

]

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/33768 (string)

}

1 : { »

name : ADV-2007-1991 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2007/1991 (string)

}

2 : { »

name : SSRT071423 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

2 : x_transferred (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 (string)

}

3 : { »

name : HPSBTU02232 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

2 : x_transferred (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 (string)

}

4 : { »

name : SSRT071429 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

2 : x_transferred (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 (string)

}

5 : { »

name : ADV-2007-2374 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2007/2374 (string)

}

6 : { »

name : 25423 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/25423 (string)

}

7 : { »

name : HPSBMA02215 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_HP (string)

2 : x_transferred (string)

]

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 (string)

}

8 : { »

name : 25850 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/25850 (string)

}

9 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://www.php-security.org/MOPB/MOPB-39-2007.html (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2007-1886 (string)

datePublished : 2007-04-06T01:00:00 (string)

dateReserved : 2007-04-05T00:00:00 (string)

dateUpdated : 2024-08-07T13:13:41.976Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "4C2AF1D9-33B6-4B2C-9269-426B6B720164", "vulnerable": true}, {"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an \"off by one overflow.\""}, {"lang": "es", "value": "Desbordamiento de enteros en la funci\u00f3n str_replace del PHP 4.4.5 y PHP 5.2.1 permite a los atacantes dependientes del contexto tener un impacto desconocido mediante una cadena de b\u00fasqueda de un solo car\u00e1cter en conjunci\u00f3n con una cadena de sustituci\u00f3n de un solo car\u00e1cter, lo que provoca un \"error de superaci\u00f3n de l\u00edmite (off-by-one)\"."}], "id": "CVE-2007-1886", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-04-06T01:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506"}, {"source": "cve@mitre.org", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506"}, {"source": "cve@mitre.org", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137"}, {"source": "cve@mitre.org", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25423"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25850"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.php-security.org/MOPB/MOPB-39-2007.html"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/1991"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/2374"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33768"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25423"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25850"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.php-security.org/MOPB/MOPB-39-2007.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/1991"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2374"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33768"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "We do not consider this flaw to be a security issue as it is only exploitable by the script author. No trust boundary is crossed.\n\nFor more information please see:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=mopb#c37", "lastModified": "2007-11-30T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 4C2AF1D9-33B6-4B2C-9269-426B6B720164 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 88358D1E-BE6F-4CE3-A522-83D1FA4739E3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow." (string)

}

1 : { »

lang : es (string)

value : Desbordamiento de enteros en la función str_replace del PHP 4.4.5 y PHP 5.2.1 permite a los atacantes dependientes del contexto tener un impacto desconocido mediante una cadena de búsqueda de un solo carácter en conjunción con una cadena de sustitución de un solo carácter, lo que provoca un "error de superación de límite (off-by-one)". (string)

}

]

id : CVE-2007-1886 (string)

lastModified : 2025-04-09T00:30:58.490 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 6.8 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2007-04-06T01:19:00.000 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 (string)

}

1 : { »

source : cve@mitre.org (string)

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 (string)

}

2 : { »

source : cve@mitre.org (string)

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 (string)

}

3 : { »

source : cve@mitre.org (string)

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 (string)

}

4 : { »

source : cve@mitre.org (string)

url : http://secunia.com/advisories/25423 (string)

}

5 : { »

source : cve@mitre.org (string)

url : http://secunia.com/advisories/25850 (string)

}

6 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://www.php-security.org/MOPB/MOPB-39-2007.html (string)

}

7 : { »

source : cve@mitre.org (string)

url : http://www.vupen.com/english/advisories/2007/1991 (string)

}

8 : { »

source : cve@mitre.org (string)

url : http://www.vupen.com/english/advisories/2007/2374 (string)

}

9 : { »

source : cve@mitre.org (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/33768 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://secunia.com/advisories/25423 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://secunia.com/advisories/25850 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : http://www.php-security.org/MOPB/MOPB-39-2007.html (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.vupen.com/english/advisories/2007/1991 (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.vupen.com/english/advisories/2007/2374 (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://exchange.xforce.ibmcloud.com/vulnerabilities/33768 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vendorComments : [ »

0 : { »

comment : We do not consider this flaw to be a security issue as it is only exploitable by the script author. No trust boundary is crossed. For more information please see: https://bugzilla.redhat.com/show_bug.cgi?id=mopb#c37 (string)

lastModified : 2007-11-30T00:00:00 (string)

organization : Red Hat (string)

}

]

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-Other (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object