Search Results (Refine Search)
- CPE Product Version: cpe:/a:php:php:4.4.4
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-4017 |
PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive. Published: November 23, 2009; 7:30:00 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2009-3558 |
The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file. Published: November 23, 2009; 12:30:00 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2009-3557 |
The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments. Published: November 23, 2009; 12:30:00 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2009-3293 |
Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect "sanity check for the color index." Published: September 22, 2009; 6:30:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2009-3292 |
Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing." Published: September 22, 2009; 6:30:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2009-3291 |
The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates. Published: September 22, 2009; 6:30:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-7068 |
The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have permissions to truncate the file. Published: August 25, 2009; 6:30:00 AM -0400 |
V3.x:(not available) V2.0: 6.4 MEDIUM |
CVE-2009-2687 |
The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353. Published: August 05, 2009; 3:30:01 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-0754 |
PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server. Published: March 03, 2009; 11:30:05 AM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2008-5814 |
Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208. Published: January 02, 2009; 1:11:09 PM -0500 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-2008-5498 |
Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image. Published: December 26, 2008; 3:30:00 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2008-5557 |
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion, related to the (1) mb_convert_encoding, (2) mb_check_encoding, (3) mb_convert_variables, and (4) mb_parse_str functions. Published: December 23, 2008; 1:30:03 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2008-5658 |
Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences. Published: December 17, 2008; 3:30:01 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-5625 |
PHP 5 before 5.2.7 does not enforce the error_log safe_mode restrictions when safe_mode is enabled through a php_admin_flag setting in httpd.conf, which allows context-dependent attackers to write to arbitrary files by placing a "php_value error_log" entry in a .htaccess file. Published: December 17, 2008; 12:30:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-4107 |
The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in Joomla! 1.5.x and WordPress before 2.6.2, a different vulnerability than CVE-2008-2107, CVE-2008-2108, and CVE-2008-4102. Published: September 18, 2008; 1:59:33 PM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2008-3658 |
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. Published: August 14, 2008; 8:41:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2008-3659 |
Buffer overflow in the memnstr function in PHP 4.4.x before 4.4.9 and PHP 5.6 through 5.2.6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via the delimiter argument to the explode function. NOTE: the scope of this issue is limited since most applications would not use an attacker-controlled delimiter, but local attacks against safe_mode are feasible. Published: August 14, 2008; 8:41:00 PM -0400 |
V3.x:(not available) V2.0: 6.4 MEDIUM |
CVE-2008-3660 |
PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php. Published: August 14, 2008; 8:41:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2008-2829 |
php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c legacy routine buffer overflow" error message, related to the rfc822_write_address function. Published: June 23, 2008; 4:41:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2008-2666 |
Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependent attackers to bypass safe_mode restrictions by creating a subdirectory named http: and then placing ../ (dot dot slash) sequences in an http URL argument to the (1) chdir or (2) ftok function. Published: June 19, 2008; 9:41:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |