Multiple vulnerabilities in PHP

Published: 2017-10-11 | Updated: 2025-06-14

Risk	Medium
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2007-1710 CVE-2007-1286
CWE-ID	CWE-20
Exploitation vector	Network
Public exploit	Vulnerability #2 is being exploited in the wild.
Vulnerable software	PHP Universal components / Libraries / Scripting languages
Vendor	PHP Group

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU110425

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2007-1710

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to read and manipulate data.

The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.4.4 - 5.2.1

CPE2.3

External links

https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506
https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137
https://secunia.com/advisories/25423
https://secunia.com/advisories/25850
https://www.vupen.com/english/advisories/2007/1991
https://www.vupen.com/english/advisories/2007/2374
https://www.exploit-db.com/exploits/3573

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Input validation error

EUVDB-ID: #VU110455

Risk: Medium

CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A/U:Green]

CVE-ID: CVE-2007-1286

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.