CVE-2007-1382

The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP's safe mode.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 3.1 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://www.exploit-db.com/exploits/3429

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:microsoft:all_windows:abstract_cpe:*:*:*:*:*:*:*

cpe:2.3:a:php:com_extensions:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-03-10 00:19

Updated : 2017-10-11 01:31

NVD link : CVE-2007-1382

Mitre link : CVE-2007-1382

CVE.ORG link : CVE-2007-1382

JSON object : View

Products Affected

microsoft

all_windows

php

com_extensions

CWE

NVD-CWE-Other

{"id": "CVE-2007-1382", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": true, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-03-10T00:19:00.000", "references": [{"url": "https://www.exploit-db.com/exploits/3429", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The PHP COM extensions for PHP on Windows systems allow context-dependent attackers to execute arbitrary code via a WScript.Shell COM object, as demonstrated by using the Run method of this object to execute cmd.exe, which bypasses PHP's safe mode."}, {"lang": "es", "value": "La extensi\u00f3n PHP COM para PHP en los sistemas Windows permite a atacantes dependientes del contexto ejecutar c\u00f3digo de su elecci\u00f3n mediante el objeto COM WScript.Shell, como lo demostrado usando el m\u00e9todo Run de dicho objeto para ejecutar cmd.exe, que evita el modo seguro del PHP."}], "lastModified": "2017-10-11T01:31:50.813", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:all_windows:abstract_cpe:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "595E948E-30B9-4E08-B7A7-73AFD1C29FA2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:php:com_extensions:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73BDC038-A61B-4383-A171-32DBC6328523"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}

6.8 /10