U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:php:php:4.4.4
There are 372 matching records.
Displaying matches 301 through 320.
Vuln ID Summary CVSS Severity
CVE-2007-4670

Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.

Published: September 04, 2007; 8:17:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2007-4657

Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an out-of-bounds read. NOTE: this affects different product versions than CVE-2007-3996.

Published: September 04, 2007; 6:17:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2007-4658

The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.

Published: September 04, 2007; 6:17:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2007-4659

The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors.

Published: September 04, 2007; 6:17:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2007-4660

Unspecified vulnerability in the chunk_split function in PHP before 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation.

Published: September 04, 2007; 6:17:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2007-4662

Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2.4 has unknown impact and attack vectors.

Published: September 04, 2007; 6:17:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2007-4663

Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function.

Published: September 04, 2007; 6:17:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2007-4652

The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.

Published: September 04, 2007; 3:17:00 PM -0400
V3.x:(not available)
V2.0: 4.4 MEDIUM
CVE-2007-3996

Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function.

Published: September 04, 2007; 2:17:00 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2007-3997

The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.

Published: September 04, 2007; 2:17:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2007-3998

The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated by a 'chr(0), 0, ""' argument set.

Published: September 04, 2007; 2:17:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2007-4586

Multiple buffer overflows in php_iisfunc.dll in the iisfunc extension for PHP 5.2.0 and earlier allow context-dependent attackers to execute arbitrary code, probably during Unicode conversion, as demonstrated by a long string in the first argument to the iis_getservicestate function, related to the ServiceId argument to the (1) fnStartService, (2) fnGetServiceState, (3) fnStopService, and possibly other functions.

Published: August 28, 2007; 9:17:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2007-4441

Buffer overflow in php_win32std.dll in the win32std extension for PHP 5.2.0 and earlier allows context-dependent attackers to execute arbitrary code via a long string in the filename argument to the win_browse_file function.

Published: August 20, 2007; 8:17:00 PM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2007-3799

The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the session_id function, and (3) the session_start function, which are not encoded or filtered when the new session cookie is generated, a related issue to CVE-2006-0207.

Published: July 16, 2007; 6:30:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2007-3378

The (1) session_save_path, (2) ini_set, and (3) error_log functions in PHP 4.4.7 and earlier, and PHP 5 5.2.3 and earlier, when invoked from a .htaccess file, allow remote attackers to bypass safe_mode and open_basedir restrictions and possibly execute arbitrary commands, as demonstrated using (a) php_value, (b) php_flag, and (c) directives in .htaccess.

Published: June 29, 2007; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2007-2872

Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.

Published: June 04, 2007; 1:30:00 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2007-2844

PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access.

Published: May 24, 2007; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2007-2748

The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375.

Published: May 17, 2007; 4:30:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2007-2727

The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow context-dependent attackers to decrypt certain data more easily because of the guessable encryption keys.

Published: May 16, 2007; 6:30:00 PM -0400
V3.x:(not available)
V2.0: 2.6 LOW
CVE-2007-1864

Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.

Published: May 08, 2007; 8:19:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH