CVE-2007-5653

Published: Oct 23, 2007Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the corresponding ActiveX control Compatibility Flags, executing programs via a function in compatUI.dll, invoking wscript.shell via wscript.exe, invoking Scripting.FileSystemObject via wshom.ocx, and adding users via a function in shgina.dll, related to the com_load_typelib function.

Affected (1)

Products: Php: Php

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Php Php	Up to 5.2.4

Related CWEs

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References (8)

http://secunia.com/advisories/27280

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/3590

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/37368

Source: cve@mitre.org

https://www.exploit-db.com/exploits/4553

Source: cve@mitre.org

http://secunia.com/advisories/27280

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/3590

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/37368

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/4553

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.