Search Results (Refine Search)
- CPE Product Version: cpe:/a:php:php:5.0.0:beta4
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2006-3011 |
The error_log function in basic_functions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode. Published: June 26, 2006; 5:05:00 PM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2006-3017 |
zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations. Published: June 14, 2006; 7:02:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-1494 |
Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function. Published: April 10, 2006; 3:02:00 PM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-2006-1608 |
The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI. Published: April 10, 2006; 3:02:00 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-1490 |
PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safety" issue. NOTE: this issue has been referred to as a "memory leak," but it is an information leak that discloses memory contents. Published: March 29, 2006; 4:06:00 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2006-1014 |
Argument injection vulnerability in certain PHP 4.x and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mb_send_mail function, allows context-dependent attackers to read and create arbitrary files by providing extra -C and -X arguments to sendmail. NOTE: it could be argued that this is a class of technology-specific vulnerability, instead of a particular instance; if so, then this should not be included in CVE. Published: March 06, 2006; 7:02:00 PM -0500 |
V3.x:(not available) V2.0: 3.2 LOW |
CVE-2006-1015 |
Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mail function, allows remote attackers to read and create arbitrary files via the sendmail -C and -X arguments. NOTE: it could be argued that this is a class of technology-specific vulnerability, instead of a particular instance; if so, then this should not be included in CVE. Published: March 06, 2006; 7:02:00 PM -0500 |
V3.x:(not available) V2.0: 6.4 MEDIUM |
CVE-2006-1017 |
The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote attackers to obtain access to an IMAP stream data structure and conduct unauthorized IMAP actions. Published: March 06, 2006; 7:02:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2005-3388 |
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment." Published: November 01, 2005; 7:47:00 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2005-3389 |
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected. Published: November 01, 2005; 7:47:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2004-0594 |
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete. Published: July 27, 2004; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |