CVE 2007-5898
The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.
Related bugs and status
CVE-2007-5898 (Candidate) is related to these bugs:
Bug #227464: Please roll out security fixes from PHP 5.2.6
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
227464 | Please roll out security fixes from PHP 5.2.6 | php5 (Ubuntu) | Undecided | Fix Released | ||
227464 | Please roll out security fixes from PHP 5.2.6 | php5 (Debian) | Unknown | Fix Released | ||
227464 | Please roll out security fixes from PHP 5.2.6 | Hardy Backports | Undecided | Invalid | ||
227464 | Please roll out security fixes from PHP 5.2.6 | php5 (Ubuntu Hardy) | Undecided | Fix Released | ||
227464 | Please roll out security fixes from PHP 5.2.6 | php5 (Ubuntu Dapper) | Undecided | Fix Released | ||
227464 | Please roll out security fixes from PHP 5.2.6 | php5 (Ubuntu Feisty) | Undecided | Fix Released | ||
227464 | Please roll out security fixes from PHP 5.2.6 | php5 (Ubuntu Gutsy) | Undecided | Fix Released |
Bug #228095: php5 5.2.4 and lower vulnerable to several CVEs
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
228095 | php5 5.2.4 and lower vulnerable to several CVEs | php5 (Ubuntu) | Undecided | Fix Released | ||
228095 | php5 5.2.4 and lower vulnerable to several CVEs | php5 (Ubuntu Dapper) | Undecided | Fix Released | ||
228095 | php5 5.2.4 and lower vulnerable to several CVEs | php5 (Ubuntu Feisty) | Undecided | Fix Released | ||
228095 | php5 5.2.4 and lower vulnerable to several CVEs | php5 (Ubuntu Gutsy) | Undecided | Fix Released | ||
228095 | php5 5.2.4 and lower vulnerable to several CVEs | php5 (Ubuntu Hardy) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.