Filtered by vendor Php
Subscribe
Total
737 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-1862 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The chunk_split function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature. | |||||
CVE-2010-3870 | 2 Canonical, Php | 2 Ubuntu Linux, Php | 2024-02-28 | 6.8 MEDIUM | N/A |
The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string. | |||||
CVE-2011-1468 | 1 Php | 1 Php | 2024-02-28 | 4.3 MEDIUM | N/A |
Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function. | |||||
CVE-2010-1860 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The html_entity_decode function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal call, related to the call time pass by reference feature. | |||||
CVE-2010-4700 | 1 Php | 1 Php | 2024-02-28 | 6.8 MEDIUM | N/A |
The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions. | |||||
CVE-2012-0831 | 1 Php | 1 Php | 2024-02-28 | 6.8 MEDIUM | N/A |
PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c. | |||||
CVE-2010-1129 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | N/A |
The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function. | |||||
CVE-2010-3710 | 1 Php | 1 Php | 2024-02-28 | 4.3 MEDIUM | N/A |
Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string. | |||||
CVE-2011-0754 | 2 Microsoft, Php | 2 Windows, Php | 2024-02-28 | 4.4 MEDIUM | N/A |
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack of a FILE_ATTRIBUTE_REPARSE_POINT check. | |||||
CVE-2011-1471 | 1 Php | 1 Php | 2024-02-28 | 4.3 MEDIUM | N/A |
Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive file that triggers errors in zip_fread function calls. | |||||
CVE-2010-1866 | 3 Opensuse, Php, Suse | 3 Opensuse, Php, Linux Enterprise | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder. | |||||
CVE-2010-0397 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument. | |||||
CVE-2010-1130 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
session.c in the session extension in PHP before 5.2.13, and 5.3.1, does not properly interpret ; (semicolon) characters in the argument to the session_save_path function, which allows context-dependent attackers to bypass open_basedir and safe_mode restrictions via an argument that contains multiple ; characters in conjunction with a .. (dot dot). | |||||
CVE-2011-0753 | 1 Php | 1 Php | 2024-02-28 | 4.3 MEDIUM | N/A |
Race condition in the PCNTL extension in PHP before 5.3.4, when a user-defined signal handler exists, might allow context-dependent attackers to cause a denial of service (memory corruption) via a large number of concurrent signals. | |||||
CVE-2010-4156 | 2 Php, Scottmac | 2 Php, Libmbfl | 2024-02-28 | 5.0 MEDIUM | N/A |
The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter). | |||||
CVE-2011-0441 | 1 Php | 1 Php | 2024-02-28 | 6.3 MEDIUM | N/A |
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. | |||||
CVE-2010-2097 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The (1) iconv_mime_decode, (2) iconv_substr, and (3) iconv_mime_encode functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature. | |||||
CVE-2010-4698 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 allows context-dependent attackers to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstext function. | |||||
CVE-2010-3065 | 1 Php | 1 Php | 2024-02-28 | 5.0 MEDIUM | N/A |
The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name. | |||||
CVE-2010-2094 | 1 Php | 1 Php | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple format string vulnerabilities in the phar extension in PHP 5.3 before 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the (1) phar_stream_flush, (2) phar_wrapper_unlink, (3) phar_parse_url, or (4) phar_wrapper_open_url functions in ext/phar/stream.c; and the (5) phar_wrapper_open_dir function in ext/phar/dirstream.c, which triggers errors in the php_stream_wrapper_log_error function. |