Unrated severityNVD Advisory· Published Mar 7, 2007· Updated Jun 16, 2026
CVE-2007-1325
CVE-2007-1325
Description
The PMA_ArrayWalkRecursive function in libraries/common.lib.php in phpMyAdmin before 2.10.0.2 does not limit recursion on arrays provided by users, which allows context-dependent attackers to cause a denial of service (web server crash) via an array with many dimensions. NOTE: it could be argued that this vulnerability is caused by a problem in PHP (CVE-2006-1549) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in phpMyAdmin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*range: <=2.10.0.1
- (no CPE)range: <2.10.0.2
Patches
Vulnerability mechanics
References
11- sourceforge.net/tracker/index.phpnvdPatch
- www.phpmyadmin.net/home_page/security.phpnvdPatch
- www.securityfocus.com/bid/22841nvdPatch
- osvdb.org/36834nvd
- secunia.com/advisories/26733nvd
- www.mandriva.com/security/advisoriesnvd
- www.php-security.org/MOPB/MOPB-02-2007.htmlnvd
- www.php.net/ChangeLog-4.phpnvd
- www.php.net/releases/4_4_8.phpnvd
- www.us.debian.org/security/2007/dsa-1370nvd
- www.vupen.com/english/advisories/2007/0831nvd
News mentions
0No linked articles in our index yet.