Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2008-2107
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-07 May, 2008 | 21:20
Updated At-23 Apr, 2026 | 00:35

The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent attackers to predict subsequent values of the rand and mt_rand functions and possibly bypass protection mechanisms that rely on an unknown initial seed.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
The PHP Group
php
>>php>>Versions up to 4.4.7(inclusive)
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5
cpe:2.3:a:php:php:5:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.0.0
cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*
The PHP Group
php
>>php>>5.0.0
cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*
The PHP Group
php
>>php>>5.0.0
cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*
The PHP Group
php
>>php>>5.0.0
cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*
The PHP Group
php
>>php>>5.0.0
cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*
The PHP Group
php
>>php>>5.0.0
cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*
The PHP Group
php
>>php>>5.0.1
cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.0.2
cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.0.3
cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.0.4
cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.0.5
cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.1.0
cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.1.1
cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.1.2
cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.1.3
cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.1.4
cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.1.5
cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.1.6
cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.0
cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.1
cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.2
cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.3
cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*
The PHP Group
php
>>php>>5.2.4
cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-189Primarynvd@nist.gov
CWE ID: CWE-189
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0103.htmlcve@mitre.org
Exploit
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.htmlcve@mitre.org
N/A
http://secunia.com/advisories/30757cve@mitre.org
N/A
http://secunia.com/advisories/30828cve@mitre.org
N/A
http://secunia.com/advisories/30967cve@mitre.org
N/A
http://secunia.com/advisories/31119cve@mitre.org
N/A
http://secunia.com/advisories/31124cve@mitre.org
N/A
http://secunia.com/advisories/31200cve@mitre.org
N/A
http://secunia.com/advisories/32746cve@mitre.org
N/A
http://secunia.com/advisories/35003cve@mitre.org
N/A
http://security.gentoo.org/glsa/glsa-200811-05.xmlcve@mitre.org
N/A
http://securityreason.com/securityalert/3859cve@mitre.org
N/A
http://www.debian.org/security/2009/dsa-1789cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2008:125cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2008:126cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2008:127cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2008:128cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2008:129cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2008:130cve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2008-0505.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2008-0544.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2008-0545.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2008-0546.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2008-0582.htmlcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/491683/100/0/threadedcve@mitre.org
N/A
http://www.sektioneins.de/advisories/SE-2008-02.txtcve@mitre.org
Exploit
http://www.ubuntu.com/usn/usn-628-1cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/42226cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/42284cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10644cve@mitre.org
N/A
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.htmlcve@mitre.org
N/A
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.htmlcve@mitre.org
N/A
http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0103.htmlaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/30757af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/30828af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/30967af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/31119af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/31124af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/31200af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/32746af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/35003af854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-200811-05.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://securityreason.com/securityalert/3859af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2009/dsa-1789af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2008:125af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2008:126af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2008:127af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2008:128af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2008:129af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2008:130af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2008-0505.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2008-0544.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2008-0545.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2008-0546.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2008-0582.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/491683/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.sektioneins.de/advisories/SE-2008-02.txtaf854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.ubuntu.com/usn/usn-628-1af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/42226af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/42284af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10644af854a3a-2127-422b-91ae-364da2661108
N/A
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0103.html
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/30757
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/30828
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/30967
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/31119
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/31124
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/31200
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/32746
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/35003
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200811-05.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/3859
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2009/dsa-1789
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:125
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:126
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:127
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:128
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:129
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:130
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0505.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0544.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0545.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0546.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0582.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/491683/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.sektioneins.de/advisories/SE-2008-02.txt
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.ubuntu.com/usn/usn-628-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/42226
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/42284
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10644
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0103.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/30757
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/30828
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/30967
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/31119
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/31124
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/31200
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/32746
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/35003
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200811-05.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/3859
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2009/dsa-1789
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:125
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:126
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:127
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:128
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:129
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:130
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0505.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0544.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0545.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0546.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0582.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/491683/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.sektioneins.de/advisories/SE-2008-02.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.ubuntu.com/usn/usn-628-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/42226
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/42284
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10644
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found