Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-3415 |
The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement. Published: April 24, 2015; 1:59:01 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2015-3414 |
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE"""""""" at the end of a SELECT statement. Published: April 24, 2015; 1:59:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2015-1352 |
The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate token extraction for table names, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. Published: March 30, 2015; 6:59:08 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2015-1351 |
Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Published: March 30, 2015; 6:59:07 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-6501 |
The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_sdl function in ext/soap/php_sdl.c. Published: March 30, 2015; 6:59:00 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2014-9426 |
The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attackers to cause a denial of service (memory corruption or application crash) or possibly have unspecified other impact via unknown vectors. NOTE: this is disputed by the vendor because the standard erealloc behavior makes the free operation unreachable Published: December 30, 2014; 9:59:01 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2014-5459 |
The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions. Published: September 27, 2014; 6:55:05 AM -0400 |
V3.x:(not available) V2.0: 3.6 LOW |
CVE-2013-2220 |
Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value. Published: July 31, 2013; 9:20:27 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2007-3205 |
The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin. Published: June 13, 2007; 6:30:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |