U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:php:php:5.2.7:rc4:*:*:*:*:*:*
  • CPE Name Search: true
There are 295 matching records.
Displaying matches 281 through 295.
Vuln ID Summary CVSS Severity
CVE-2009-4018

The proc_open function in ext/standard/proc_open.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, as demonstrated by a crafted value of the LD_LIBRARY_PATH environment variable.

Published: November 29, 2009; 8:07:32 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2009-3558

The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file.

Published: November 23, 2009; 12:30:00 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2009-3557

The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments.

Published: November 23, 2009; 12:30:00 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-3294

The popen API function in TSRM/tsrm_win32.c in PHP before 5.2.11 and 5.3.x before 5.3.1, when running on certain Windows operating systems, allows context-dependent attackers to cause a denial of service (crash) via a crafted (1) "e" or (2) "er" string in the second argument (aka mode), possibly related to the _fdopen function in the Microsoft C runtime library. NOTE: this might not cross privilege boundaries except in rare cases in which the mode argument is accessible to an attacker outside of an application that uses the popen function.

Published: September 22, 2009; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-3293

Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect "sanity check for the color index."

Published: September 22, 2009; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2009-3292

Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."

Published: September 22, 2009; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2009-3291

The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.

Published: September 22, 2009; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2009-1272

The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x before 5.2.9 allows context-dependent attackers to cause a denial of service (crash) via a ZIP file that contains filenames with relative paths, which is not properly handled during extraction.

Published: April 08, 2009; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-1271

The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function.

Published: April 08, 2009; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2008-5844

PHP 5.2.7 contains an incorrect change to the FILTER_UNSAFE_RAW functionality, and unintentionally disables magic_quotes_gpc regardless of the actual magic_quotes_gpc setting, which might make it easier for context-dependent attackers to conduct SQL injection attacks and unspecified other attacks.

Published: January 05, 2009; 3:30:02 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2008-5814

Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208.

Published: January 02, 2009; 1:11:09 PM -0500
V3.x:(not available)
V2.0: 2.6 LOW
CVE-2008-5498

Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image.

Published: December 26, 2008; 3:30:00 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2008-5624

PHP 5 before 5.2.7 does not properly initialize the page_uid and page_gid global variables for use by the SAPI php_getuid function, which allows context-dependent attackers to bypass safe_mode restrictions via variable settings that are intended to be restricted to root, as demonstrated by a setting of /etc for the error_log variable.

Published: December 17, 2008; 12:30:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2007-3205

The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

Published: June 13, 2007; 6:30:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2007-1581

The resource system in PHP 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting the hash_update_file function via a userspace (1) error or (2) stream handler, which can then be used to destroy and modify internal resources. NOTE: it was later reported that PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 are also affected.

Published: March 21, 2007; 7:19:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH