CVE 2007-5898
The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.
Related bugs and status
CVE-2007-5898 (Candidate) is related to these bugs:
Bug #227464: Please roll out security fixes from PHP 5.2.6
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 227464 | Please roll out security fixes from PHP 5.2.6 | php5 (Ubuntu) | Undecided | Fix Released | ||
| 227464 | Please roll out security fixes from PHP 5.2.6 | php5 (Debian) | Unknown | Fix Released | ||
| 227464 | Please roll out security fixes from PHP 5.2.6 | Hardy Backports | Undecided | Invalid | ||
| 227464 | Please roll out security fixes from PHP 5.2.6 | php5 (Ubuntu Hardy) | Undecided | Fix Released | ||
| 227464 | Please roll out security fixes from PHP 5.2.6 | php5 (Ubuntu Dapper) | Undecided | Fix Released | ||
| 227464 | Please roll out security fixes from PHP 5.2.6 | php5 (Ubuntu Feisty) | Undecided | Fix Released | ||
| 227464 | Please roll out security fixes from PHP 5.2.6 | php5 (Ubuntu Gutsy) | Undecided | Fix Released | ||
Bug #228095: php5 5.2.4 and lower vulnerable to several CVEs
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 228095 | php5 5.2.4 and lower vulnerable to several CVEs | php5 (Ubuntu) | Undecided | Fix Released | ||
| 228095 | php5 5.2.4 and lower vulnerable to several CVEs | php5 (Ubuntu Dapper) | Undecided | Fix Released | ||
| 228095 | php5 5.2.4 and lower vulnerable to several CVEs | php5 (Ubuntu Feisty) | Undecided | Fix Released | ||
| 228095 | php5 5.2.4 and lower vulnerable to several CVEs | php5 (Ubuntu Gutsy) | Undecided | Fix Released | ||
| 228095 | php5 5.2.4 and lower vulnerable to several CVEs | php5 (Ubuntu Hardy) | Undecided | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
