U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:php:php:4.0.7:rc1
There are 64 matching records.
Displaying matches 61 through 64.
Vuln ID Summary CVSS Severity
CVE-2003-0861

Integer overflows in (1) base64_encode and (2) the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors.

Published: November 17, 2003; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-2002-2215

The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function.

Published: December 31, 2002; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-2002-2309

php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.

Published: December 31, 2002; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 7.8 HIGH
CVE-2002-0484

move_uploaded_file in PHP does not does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system.

Published: August 12, 2002; 12:00:00 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM