Filtered by vendor Php
Subscribe
Total
727 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3292 | 1 Php | 1 Php | 2018-10-30 | 7.5 HIGH | N/A |
| Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing." | |||||
| CVE-2009-3291 | 1 Php | 1 Php | 2018-10-30 | 7.5 HIGH | N/A |
| The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates. | |||||
| CVE-2009-2626 | 1 Php | 1 Php | 2018-10-30 | 6.4 MEDIUM | N/A |
| The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable. | |||||
| CVE-2008-7068 | 1 Php | 1 Php | 2018-10-30 | 6.4 MEDIUM | N/A |
| The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have permissions to truncate the file. | |||||
| CVE-2008-5814 | 1 Php | 1 Php | 2018-10-30 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208. | |||||
| CVE-2008-4107 | 1 Php | 1 Php | 2018-10-30 | 5.1 MEDIUM | N/A |
| The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in Joomla! 1.5.x and WordPress before 2.6.2, a different vulnerability than CVE-2008-2107, CVE-2008-2108, and CVE-2008-4102. | |||||
| CVE-2007-0908 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2018-10-30 | 5.0 MEDIUM | N/A |
| The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name before a numerical variable. | |||||
| CVE-2011-2202 | 1 Php | 1 Php | 2018-10-30 | 6.4 MEDIUM | N/A |
| The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability." | |||||
| CVE-2006-7243 | 1 Php | 1 Php | 2018-10-30 | 5.0 MEDIUM | N/A |
| PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function. | |||||
| CVE-2011-1466 | 1 Php | 1 Php | 2018-10-30 | 5.0 MEDIUM | N/A |
| Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function. | |||||
| CVE-2011-1148 | 1 Php | 1 Php | 2018-10-30 | 7.5 HIGH | N/A |
| Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments. | |||||
| CVE-2011-1092 | 1 Php | 1 Php | 2018-10-30 | 7.5 HIGH | N/A |
| Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function. | |||||
| CVE-2011-0755 | 1 Php | 1 Php | 2018-10-30 | 5.0 MEDIUM | N/A |
| Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, as demonstrated by a value that exceeds mt_getrandmax. | |||||
| CVE-2011-0754 | 2 Microsoft, Php | 2 Windows, Php | 2018-10-30 | 4.4 MEDIUM | N/A |
| The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack of a FILE_ATTRIBUTE_REPARSE_POINT check. | |||||
| CVE-2011-0753 | 1 Php | 1 Php | 2018-10-30 | 4.3 MEDIUM | N/A |
| Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a large number of concurrent signals. | |||||
| CVE-2011-0752 | 1 Php | 1 Php | 2018-10-30 | 5.0 MEDIUM | N/A |
| The extract function in PHP before 5.2.15 does not prevent use of the EXTR_OVERWRITE parameter to overwrite (1) the GLOBALS superglobal array and (2) the this variable, which allows context-dependent attackers to bypass intended access restrictions by modifying data structures that were not intended to depend on external input, a related issue to CVE-2005-2691 and CVE-2006-3758. | |||||
| CVE-2011-0708 | 1 Php | 1 Php | 2018-10-30 | 4.3 MEDIUM | N/A |
| exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read. | |||||
| CVE-2011-0421 | 1 Php | 1 Php | 2018-10-30 | 4.3 MEDIUM | N/A |
| The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation. | |||||
| CVE-2010-4699 | 1 Php | 1 Php | 2018-10-30 | 5.0 MEDIUM | N/A |
| The iconv_mime_decode_headers function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam detection or have unspecified other impact, via a crafted Subject header in an e-mail message, as demonstrated by the ks_c_5601-1987 character set. | |||||
| CVE-2010-4697 | 1 Php | 1 Php | 2018-10-30 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of __set, __get, __isset, and __unset methods on objects accessed by a reference. | |||||