CVE-2007-1325 - Vulnerability Details - OpenCVE

The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Phpmyadmin	Phpmyadmin

Configuration 1 [-]

cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://osvdb.org/36834
http://secunia.com/advisories/26733
http://sourceforge.net/tracker/index.php?func=detail&aid=1671813&group_id=23067&atid=377408
http://www.mandriva.com/security/advisories?name=MDKSA-2007:199
http://www.php-security.org/MOPB/MOPB-02-2007.html
http://www.php.net/ChangeLog-4.php
http://www.php.net/releases/4_4_8.php
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3
http://www.securityfocus.com/bid/22841
http://www.us.debian.org/security/2007/dsa-1370
http://www.vupen.com/english/advisories/2007/0831

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-03-07T21:00:00

Updated: 2024-08-07T12:50:34.991Z

Reserved: 2007-03-07T00:00:00

Link: CVE-2007-1325

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-03-07T21:19:00.000

Modified: 2024-11-21T00:28:02.060

Link: CVE-2007-1325

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-03-01T00:00:00", "descriptions": [{"lang": "en", "value": "The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2007-09-14T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.php.net/releases/4_4_8.php"}, {"name": "26733", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26733"}, {"name": "22841", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22841"}, {"name": "DSA-1370", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.us.debian.org/security/2007/dsa-1370"}, {"name": "MDKSA-2007:199", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:199"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.php.net/ChangeLog-4.php"}, {"name": "36834", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/36834"}, {"tags": ["x_refsource_MISC"], "url": "http://www.php-security.org/MOPB/MOPB-02-2007.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1671813&group_id=23067&atid=377408"}, {"name": "ADV-2007-0831", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0831"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1325", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.php.net/releases/4_4_8.php", "refsource": "CONFIRM", "url": "http://www.php.net/releases/4_4_8.php"}, {"name": "26733", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26733"}, {"name": "22841", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22841"}, {"name": "DSA-1370", "refsource": "DEBIAN", "url": "http://www.us.debian.org/security/2007/dsa-1370"}, {"name": "MDKSA-2007:199", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:199"}, {"name": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3", "refsource": "CONFIRM", "url": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3"}, {"name": "http://www.php.net/ChangeLog-4.php", "refsource": "CONFIRM", "url": "http://www.php.net/ChangeLog-4.php"}, {"name": "36834", "refsource": "OSVDB", "url": "http://osvdb.org/36834"}, {"name": "http://www.php-security.org/MOPB/MOPB-02-2007.html", "refsource": "MISC", "url": "http://www.php-security.org/MOPB/MOPB-02-2007.html"}, {"name": "http://sourceforge.net/tracker/index.php?func=detail&aid=1671813&group_id=23067&atid=377408", "refsource": "CONFIRM", "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1671813&group_id=23067&atid=377408"}, {"name": "ADV-2007-0831", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0831"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:50:34.991Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.php.net/releases/4_4_8.php"}, {"name": "26733", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26733"}, {"name": "22841", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/22841"}, {"name": "DSA-1370", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.us.debian.org/security/2007/dsa-1370"}, {"name": "MDKSA-2007:199", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:199"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.php.net/ChangeLog-4.php"}, {"name": "36834", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/36834"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.php-security.org/MOPB/MOPB-02-2007.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1671813&group_id=23067&atid=377408"}, {"name": "ADV-2007-0831", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0831"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1325", "datePublished": "2007-03-07T21:00:00", "dateReserved": "2007-03-07T00:00:00", "dateUpdated": "2024-08-07T12:50:34.991Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*", "matchCriteriaId": "63623FC3-197D-4308-9077-F40B4B3F0F97", "versionEndIncluding": "2.10.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin."}, {"lang": "es", "value": "La funci\u00f3n PMA_ArrayWalkRecursive en el libraries/common.lib.php del phpMyAdmin anterior al 2.10.0.2 no tiene l\u00edmite en la recursividad de los arrays proporcionados por los usuarios, lo que permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda del servidor web) mediante un array con m\u00faltiples dimensiones. NOTA: puede ser discutido que esta vulnerabilidad est\u00e1 provocada por un problema en el PHP (CVE-2006-1549) y la soluci\u00f3n adecuada debe de ser en PHP; con lo cual esto no deber\u00eda ser tratado como una vulnerabilidad en el phpMyAdmin."}], "evaluatorComment": "This vulnerability is addressed in the following product update:\r\nhttp://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3", "id": "CVE-2007-1325", "lastModified": "2024-11-21T00:28:02.060", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-03-07T21:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/36834"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/26733"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1671813&group_id=23067&atid=377408"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:199"}, {"source": "cve@mitre.org", "url": "http://www.php-security.org/MOPB/MOPB-02-2007.html"}, {"source": "cve@mitre.org", "url": "http://www.php.net/ChangeLog-4.php"}, {"source": "cve@mitre.org", "url": "http://www.php.net/releases/4_4_8.php"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/22841"}, {"source": "cve@mitre.org", "url": "http://www.us.debian.org/security/2007/dsa-1370"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/0831"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/36834"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26733"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://sourceforge.net/tracker/index.php?func=detail&aid=1671813&group_id=23067&atid=377408"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:199"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.php-security.org/MOPB/MOPB-02-2007.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.php.net/ChangeLog-4.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.php.net/releases/4_4_8.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/22841"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.us.debian.org/security/2007/dsa-1370"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/0831"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}