Search Results (Refine Search)
- CPE Product Version: cpe:/a:php:php:4.4.8
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2007-4663 |
Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function. Published: September 04, 2007; 6:17:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2007-4652 |
The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink. Published: September 04, 2007; 3:17:00 PM -0400 |
V3.x:(not available) V2.0: 4.4 MEDIUM |
CVE-2007-3996 |
Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function. Published: September 04, 2007; 2:17:00 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2007-4586 |
Multiple buffer overflows in php_iisfunc.dll in the iisfunc extension for PHP 5.2.0 and earlier allow context-dependent attackers to execute arbitrary code, probably during Unicode conversion, as demonstrated by a long string in the first argument to the iis_getservicestate function, related to the ServiceId argument to the (1) fnStartService, (2) fnGetServiceState, (3) fnStopService, and possibly other functions. Published: August 28, 2007; 9:17:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2007-4441 |
Buffer overflow in php_win32std.dll in the win32std extension for PHP 5.2.0 and earlier allows context-dependent attackers to execute arbitrary code via a long string in the filename argument to the win_browse_file function. Published: August 20, 2007; 8:17:00 PM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2007-2748 |
The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375. Published: May 17, 2007; 4:30:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2007-1521 |
Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation. Published: March 20, 2007; 4:19:00 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2007-1413 |
Buffer overflow in the snmpget function in the snmp extension in PHP 5.2.3 and earlier, including PHP 4.4.6 and probably other PHP 4 versions, allows context-dependent attackers to execute arbitrary code via a long value in the third argument (object id). Published: March 12, 2007; 7:19:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2007-1375 |
Integer overflow in the substr_compare function in PHP 5.2.1 and earlier allows context-dependent attackers to read sensitive memory via a large value in the length argument, a different vulnerability than CVE-2006-1991. Published: March 09, 2007; 7:19:00 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2007-0910 |
Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors. Published: February 13, 2007; 6:28:00 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2006-5706 |
Unspecified vulnerabilities in PHP, probably before 5.2.0, allow local users to bypass open_basedir restrictions and perform unspecified actions via unspecified vectors involving the (1) chdir and (2) tempnam functions. NOTE: the tempnam vector might overlap CVE-2006-1494. Published: November 03, 2006; 8:07:00 PM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2006-5465 |
Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions. Published: November 03, 2006; 7:07:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2006-5178 |
Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by the underlying system, as demonstrated by symlinking a symlink into a subdirectory, to point to a parent directory via .. (dot dot) sequences, and then unlinking the resulting symlink. Published: October 10, 2006; 12:06:00 AM -0400 |
V3.x:(not available) V2.0: 6.2 MEDIUM |
CVE-2006-4482 |
Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990. Published: August 31, 2006; 5:04:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-4483 |
The cURL extension files (1) ext/curl/interface.c and (2) ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPT_FOLLOWLOCATION option when open_basedir or safe_mode is enabled, which allows attackers to perform unauthorized actions, possibly related to the realpath cache. Published: August 31, 2006; 5:04:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2004-0958 |
php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length. Published: November 03, 2004; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2004-0959 |
rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP script with a certain MIME header that causes the "$_FILES" array to be modified. Published: November 03, 2004; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |