Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-u2gv-h542-9bbt

Summary

PHP contains several vulnerabilities including buffer and integer overflows
    which could under certain conditions lead to the remote execution of
    arbitrary code.

Aliases

alias	CVE-2007-1285

Fixed_packages

url	pkg:ebuild/dev-lang/php@5.2.2
purl	pkg:ebuild/dev-lang/php@5.2.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.2.2

Affected_packages

url pkg:rpm/redhat/php@4.1.2-2?arch=17

purl pkg:rpm/redhat/php@4.1.2-2?arch=17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-dyru-p94k-w7gp

vulnerability	VCID-pfc1-97fv-gugu

vulnerability	VCID-u2gv-h542-9bbt

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@4.1.2-2%3Farch=17

url pkg:rpm/redhat/php@4.3.2-40?arch=ent

purl pkg:rpm/redhat/php@4.3.2-40?arch=ent

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-49jr-gtjs-1ba9

vulnerability	VCID-4dt6-x8pa-yfh3

vulnerability	VCID-96m2-stv4-j7bj

vulnerability	VCID-busj-qfth-v7e3

vulnerability	VCID-dyru-p94k-w7gp

vulnerability	VCID-pfc1-97fv-gugu

vulnerability	VCID-u2gv-h542-9bbt

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@4.3.2-40%3Farch=ent

url pkg:rpm/redhat/php@4.3.9-3.22?arch=4

purl pkg:rpm/redhat/php@4.3.9-3.22?arch=4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-49jr-gtjs-1ba9

vulnerability	VCID-4dt6-x8pa-yfh3

vulnerability	VCID-96m2-stv4-j7bj

vulnerability	VCID-busj-qfth-v7e3

vulnerability	VCID-dyru-p94k-w7gp

vulnerability	VCID-pfc1-97fv-gugu

vulnerability	VCID-u2gv-h542-9bbt

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@4.3.9-3.22%3Farch=4

url pkg:rpm/redhat/php@5.1.6-3.el4s1?arch=6

purl pkg:rpm/redhat/php@5.1.6-3.el4s1?arch=6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-49jr-gtjs-1ba9

vulnerability	VCID-4dt6-x8pa-yfh3

vulnerability	VCID-96m2-stv4-j7bj

vulnerability	VCID-busj-qfth-v7e3

vulnerability	VCID-u2gv-h542-9bbt

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.1.6-3.el4s1%3Farch=6

url pkg:rpm/redhat/php@5.1.6-7?arch=el5

purl pkg:rpm/redhat/php@5.1.6-7?arch=el5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-41ca-da3r-aufr

vulnerability	VCID-51uw-rhq6-q3fx

vulnerability	VCID-58h4-t4ym-ybe7

vulnerability	VCID-9y94-qc58-hqdu

vulnerability	VCID-f32h-wt19-vqbc

vulnerability	VCID-k9c3-pumr-xffr

vulnerability	VCID-rfk2-yaxz-bqeu

vulnerability	VCID-tcu4-hqs3-vqcq

vulnerability	VCID-u2gv-h542-9bbt

vulnerability	VCID-wrjc-wq1y-73ga

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.1.6-7%3Farch=el5

References

reference_url	http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html

reference_url	http://rhn.redhat.com/errata/RHSA-2007-0154.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2007-0154.html

reference_url	http://rhn.redhat.com/errata/RHSA-2007-0155.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2007-0155.html

reference_url	http://rhn.redhat.com/errata/RHSA-2007-0163.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2007-0163.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1285.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1285.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-1285

reference_id

reference_type

scores

value	0.06815
scoring_system	epss
scoring_elements	0.91356
published_at	2026-04-21T12:55:00Z

value	0.06815
scoring_system	epss
scoring_elements	0.91354
published_at	2026-04-18T12:55:00Z

value	0.06815
scoring_system	epss
scoring_elements	0.91283
published_at	2026-04-01T12:55:00Z

value	0.06815
scoring_system	epss
scoring_elements	0.91287
published_at	2026-04-02T12:55:00Z

value	0.06815
scoring_system	epss
scoring_elements	0.91298
published_at	2026-04-04T12:55:00Z

value	0.06815
scoring_system	epss
scoring_elements	0.91304
published_at	2026-04-07T12:55:00Z

value	0.06815
scoring_system	epss
scoring_elements	0.91317
published_at	2026-04-08T12:55:00Z

value	0.06815
scoring_system	epss
scoring_elements	0.91323
published_at	2026-04-09T12:55:00Z

value	0.06815
scoring_system	epss
scoring_elements	0.91329
published_at	2026-04-11T12:55:00Z

value	0.06815
scoring_system	epss
scoring_elements	0.91332
published_at	2026-04-12T12:55:00Z

value	0.06815
scoring_system	epss
scoring_elements	0.9133
published_at	2026-04-13T12:55:00Z

value	0.06815
scoring_system	epss
scoring_elements	0.91355
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-1285

reference_url	http://secunia.com/advisories/24909
reference_id
reference_type
scores
url	http://secunia.com/advisories/24909

reference_url	http://secunia.com/advisories/24910
reference_id
reference_type
scores
url	http://secunia.com/advisories/24910

reference_url	http://secunia.com/advisories/24924
reference_id
reference_type
scores
url	http://secunia.com/advisories/24924

reference_url	http://secunia.com/advisories/24941
reference_id
reference_type
scores
url	http://secunia.com/advisories/24941

reference_url	http://secunia.com/advisories/24945
reference_id
reference_type
scores
url	http://secunia.com/advisories/24945

reference_url	http://secunia.com/advisories/25445
reference_id
reference_type
scores
url	http://secunia.com/advisories/25445

reference_url	http://secunia.com/advisories/26048
reference_id
reference_type
scores
url	http://secunia.com/advisories/26048

reference_url	http://secunia.com/advisories/26642
reference_id
reference_type
scores
url	http://secunia.com/advisories/26642

reference_url	http://secunia.com/advisories/27864
reference_id
reference_type
scores
url	http://secunia.com/advisories/27864

reference_url	http://secunia.com/advisories/28936
reference_id
reference_type
scores
url	http://secunia.com/advisories/28936

reference_url	http://security.gentoo.org/glsa/glsa-200705-19.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200705-19.xml

reference_url	https://issues.rpath.com/browse/RPL-1268
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1268

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136

reference_url	https://launchpad.net/bugs/173043
reference_id
reference_type
scores
url	https://launchpad.net/bugs/173043

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11017
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11017

reference_url	http://us2.php.net/releases/4_4_7.php
reference_id
reference_type
scores
url	http://us2.php.net/releases/4_4_7.php

reference_url	http://us2.php.net/releases/5_2_2.php
reference_id
reference_type
scores
url	http://us2.php.net/releases/5_2_2.php

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:087
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:087

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:088
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:088

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:089
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:089

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:090
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:090

reference_url	http://www.osvdb.org/32769
reference_id
reference_type
scores
url	http://www.osvdb.org/32769

reference_url	http://www.php.net/ChangeLog-4.php
reference_id
reference_type
scores
url	http://www.php.net/ChangeLog-4.php

reference_url	http://www.php.net/ChangeLog-5.php#5.2.4
reference_id
reference_type
scores
url	http://www.php.net/ChangeLog-5.php#5.2.4

reference_url	http://www.php.net/releases/4_4_8.php
reference_id
reference_type
scores
url	http://www.php.net/releases/4_4_8.php

reference_url	http://www.php.net/releases/5_2_4.php
reference_id
reference_type
scores
url	http://www.php.net/releases/5_2_4.php

reference_url	http://www.php-security.org/MOPB/MOPB-03-2007.html
reference_id
reference_type
scores
url	http://www.php-security.org/MOPB/MOPB-03-2007.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0082.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0082.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0162.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0162.html

reference_url	http://www.securityfocus.com/archive/1/466166/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/466166/100/0/threaded

reference_url	http://www.securityfocus.com/bid/22764
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/22764

reference_url	http://www.securitytracker.com/id?1017771
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1017771

reference_url	http://www.ubuntu.com/usn/usn-549-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-549-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1618296
reference_id	1618296
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1618296

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux:10.0:::::::*
reference_id	cpe:2.3:o:novell:suse_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux:10.1:::::::*
reference_id	cpe:2.3:o:novell:suse_linux:10.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux:10.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:2.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:2.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp1::::::
reference_id	cpe:2.3:o:suse:linux_enterprise_server:10:sp1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:8:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise_server:8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:8:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-1285

reference_id

CVE-2007-1285

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2007-1285

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/29692.txt
reference_id	CVE-2007-1285;OSVDB-32769
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/29692.txt

reference_url	https://www.securityfocus.com/bid/22764/info
reference_id	CVE-2007-1285;OSVDB-32769
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/22764/info

reference_url	https://security.gentoo.org/glsa/200705-19
reference_id	GLSA-200705-19
reference_type
scores
url	https://security.gentoo.org/glsa/200705-19

reference_url	https://access.redhat.com/errata/RHSA-2007:0082
reference_id	RHSA-2007:0082
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0082

reference_url	https://access.redhat.com/errata/RHSA-2007:0154
reference_id	RHSA-2007:0154
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0154

reference_url	https://access.redhat.com/errata/RHSA-2007:0155
reference_id	RHSA-2007:0155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0155

reference_url	https://access.redhat.com/errata/RHSA-2007:0162
reference_id	RHSA-2007:0162
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0162

reference_url	https://access.redhat.com/errata/RHSA-2007:0163
reference_id	RHSA-2007:0163
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0163

reference_url	https://usn.ubuntu.com/549-1/
reference_id	USN-549-1
reference_type
scores
url	https://usn.ubuntu.com/549-1/

Weaknesses

cwe_id	674
name	Uncontrolled Recursion
description	The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.

Exploits

date_added	2007-03-01
description	PHP 3/4/5 - ZendEngine Variable Destruction Remote Denial of Service
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2007-03-01
exploit_type	dos
platform	php
source_date_updated	2016-12-02
data_source	Exploit-DB
source_url	https://www.securityfocus.com/bid/22764/info

Severity_range_score 5.0 - 7.5

Exploitability 2.0

Weighted_severity 6.8

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u2gv-h542-9bbt

Vulnerability Instance