CVE-2007-0975 Information

Description

Variable extraction vulnerability in Ian Bezanson Apache Stats before 0.0.3 beta allows attackers to overwrite critical variables with unknown impact when the extract function is used on the _REQUEST superglobal array.

Reference

http://sourceforge.net/forum/forum.php?forum_id=660919 http://superb-east.dl.sourceforge.net/sourceforge/apachestats/apacheStats_0.0.3Beta.tar.bz2 http://www.vupen.com/english/advisories/2007/0598