CVE-2007-1325

Publication date 7 March 2007

Last updated 24 July 2024

Ubuntu priority

The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin.

Read the notes from the security team

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
phpmyadmin	9.10 karmic	Not affected
	9.04 jaunty	Not affected
	8.10 intrepid	Not affected
	8.04 LTS hardy	Not affected
	7.10 gutsy	Not affected
	7.04 feisty	Fixed 2.9.1.1-2ubuntu1
	6.10 edgy	Ignored end of life, was needed
	6.06 LTS dapper	Ignored end of life

CVE-2007-1325

Status

Notes

wgrant

References

Other references