VYPR

rpm package

opensuse/php5&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/php5&distro=openSUSE%20Tumbleweed

Vulnerabilities (71)

  • CVE-2013-4248Aug 18, 2013
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spo

  • CVE-2011-4718Aug 13, 2013
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.

  • CVE-2013-4113Jul 13, 2013
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct functio

  • CVE-2013-1643Mar 6, 2013
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlPa

  • CVE-2013-1635Mar 6, 2013
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP

  • CVE-2012-3365Jul 20, 2012
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors.

  • CVE-2012-2688Jul 20, 2012
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."

  • CVE-2012-2336May 11, 2012
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by plac

  • CVE-2012-2335May 11, 2012
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string

  • CVE-2012-2311May 11, 2012
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing

  • CVE-2012-1823CriKEVMay 11, 2012
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options i

  • CVE-2012-0830Feb 6, 2012
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect

  • CVE-2011-4153Jan 18, 2012
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that performs strndup operations on untrusted string

  • CVE-2011-4885Dec 30, 2011
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.

  • CVE-2011-4566Nov 29, 2011
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in

  • CVE-2011-3379Nov 3, 2011
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders.

  • CVE-2011-2202Jun 16, 2011
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a cra

  • CVE-2011-1466Mar 20, 2011
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function.

  • CVE-2011-0708Mar 20, 2011
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.

  • CVE-2011-0421Mar 20, 2011
    affected < 5.6.28-1.1fixed 5.6.28-1.1

    The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive