Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:php:php:5.2.11:rc3:*:*:*:*:*:*
There are 302 matching records.
Displaying matches 281 through 300.
Vuln ID Summary CVSS Severity
CVE-2010-2093

Use-after-free vulnerability in the request shutdown functionality in PHP 5.2 before 5.2.13 and 5.3 before 5.3.2 allows context-dependent attackers to cause a denial of service (crash) via a stream context structure that is freed before destruction occurs.

Published: May 27, 2010; 6:30:01 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-1917

Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (PHP crash) via a crafted first argument to the fnmatch function, as demonstrated using a long string.

Published: May 12, 2010; 7:46:40 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-1915

The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature, modification of ZVALs whose values are not updated in the associated local variables, and access of previously-freed memory.

Published: May 12, 2010; 7:46:40 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-1914

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the (1) ZEND_BW_XOR opcode (shift_left_function), (2) ZEND_SL opcode (bitwise_xor_function), or (3) ZEND_SR opcode (shift_right_function), related to the convert_to_long_base function.

Published: May 12, 2010; 7:46:40 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-1868

The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by calling these functions with an empty SQL query, which triggers access of uninitialized memory.

Published: May 07, 2010; 7:00:01 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-1864

The addcslashes function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature.

Published: May 07, 2010; 7:00:01 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-1862

The chunk_split function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature.

Published: May 07, 2010; 7:00:01 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-1861

The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to write to arbitrary memory addresses by using an object's __sleep function to interrupt an internal call to the shm_put_var function, which triggers access of a freed resource.

Published: May 07, 2010; 7:00:01 PM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2010-1860

The html_entity_decode function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal call, related to the call time pass by reference feature.

Published: May 07, 2010; 7:00:01 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-1130

session.c in the session extension in PHP before 5.2.13, and 5.3.1, does not properly interpret ; (semicolon) characters in the argument to the session_save_path function, which allows context-dependent attackers to bypass open_basedir and safe_mode restrictions via an argument that contains multiple ; characters in conjunction with a .. (dot dot).

Published: March 26, 2010; 4:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-1129

The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function.

Published: March 26, 2010; 4:30:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-1128

The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function.

Published: March 26, 2010; 4:30:00 PM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2009-4418

The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences.

Published: December 24, 2009; 12:30:00 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-4143

PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive.

Published: December 21, 2009; 11:30:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2009-4142

The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character.

Published: December 21, 2009; 11:30:00 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2009-4017

PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive.

Published: November 23, 2009; 7:30:00 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-3557

The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments.

Published: November 23, 2009; 12:30:00 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2009-3546

The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information.

Published: October 19, 2009; 4:00:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2007-4658

The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.

Published: September 04, 2007; 6:17:00 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2007-3799

The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the session_id function, and (3) the session_start function, which are not encoded or filtered when the new session cookie is generated, a related issue to CVE-2006-0207.

Published: July 16, 2007; 6:30:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM