rpm package
opensuse/php7&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/php7&distro=openSUSE%20Tumbleweed
Vulnerabilities (121)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2013-1635 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Mar 6, 2013 | ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP | ||
| CVE-2012-3365 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Jul 20, 2012 | The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. | ||
| CVE-2012-2688 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Jul 20, 2012 | Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow." | ||
| CVE-2012-2336 | — | < 7.0.14-1.4 | 7.0.14-1.4 | May 11, 2012 | sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by plac | ||
| CVE-2012-2335 | — | < 7.0.14-1.4 | 7.0.14-1.4 | May 11, 2012 | php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string | ||
| CVE-2012-2311 | — | < 7.0.14-1.4 | 7.0.14-1.4 | May 11, 2012 | sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing | ||
| CVE-2012-1823 | Cri | 9.8 | KEV | < 7.0.14-1.4 | 7.0.14-1.4 | May 11, 2012 | sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options i |
| CVE-2012-0830 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Feb 6, 2012 | The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect | ||
| CVE-2011-4153 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Jan 18, 2012 | PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that performs strndup operations on untrusted string | ||
| CVE-2011-4885 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Dec 30, 2011 | PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. | ||
| CVE-2011-4566 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Nov 29, 2011 | Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in | ||
| CVE-2011-3379 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Nov 3, 2011 | The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders. | ||
| CVE-2011-2202 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Jun 16, 2011 | The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a cra | ||
| CVE-2011-1466 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Mar 20, 2011 | Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function. | ||
| CVE-2011-0708 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Mar 20, 2011 | exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read. | ||
| CVE-2011-0421 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Mar 20, 2011 | The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive | ||
| CVE-2011-1153 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Mar 16, 2011 | Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via form | ||
| CVE-2011-1092 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Mar 15, 2011 | Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function. | ||
| CVE-2011-0420 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Feb 19, 2011 | The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference. | ||
| CVE-2006-7243 | — | < 7.0.14-1.4 | 7.0.14-1.4 | Jan 18, 2011 | PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists functio |
- CVE-2013-1635Mar 6, 2013affected < 7.0.14-1.4fixed 7.0.14-1.4
ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP
- CVE-2012-3365Jul 20, 2012affected < 7.0.14-1.4fixed 7.0.14-1.4
The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors.
- CVE-2012-2688Jul 20, 2012affected < 7.0.14-1.4fixed 7.0.14-1.4
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
- CVE-2012-2336May 11, 2012affected < 7.0.14-1.4fixed 7.0.14-1.4
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by plac
- CVE-2012-2335May 11, 2012affected < 7.0.14-1.4fixed 7.0.14-1.4
php-wrapper.fcgi does not properly handle command-line arguments, which allows remote attackers to bypass a protection mechanism in PHP 5.3.12 and 5.4.2 and execute arbitrary code by leveraging improper interaction between the PHP sapi/cgi/cgi_main.c component and a query string
- CVE-2012-2311May 11, 2012affected < 7.0.14-1.4fixed 7.0.14-1.4
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing
- affected < 7.0.14-1.4fixed 7.0.14-1.4
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options i
- CVE-2012-0830Feb 6, 2012affected < 7.0.14-1.4fixed 7.0.14-1.4
The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect
- CVE-2011-4153Jan 18, 2012affected < 7.0.14-1.4fixed 7.0.14-1.4
PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that performs strndup operations on untrusted string
- CVE-2011-4885Dec 30, 2011affected < 7.0.14-1.4fixed 7.0.14-1.4
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
- CVE-2011-4566Nov 29, 2011affected < 7.0.14-1.4fixed 7.0.14-1.4
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in
- CVE-2011-3379Nov 3, 2011affected < 7.0.14-1.4fixed 7.0.14-1.4
The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders.
- CVE-2011-2202Jun 16, 2011affected < 7.0.14-1.4fixed 7.0.14-1.4
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a cra
- CVE-2011-1466Mar 20, 2011affected < 7.0.14-1.4fixed 7.0.14-1.4
Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function.
- CVE-2011-0708Mar 20, 2011affected < 7.0.14-1.4fixed 7.0.14-1.4
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
- CVE-2011-0421Mar 20, 2011affected < 7.0.14-1.4fixed 7.0.14-1.4
The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer dereference) via an empty ZIP archive
- CVE-2011-1153Mar 16, 2011affected < 7.0.14-1.4fixed 7.0.14-1.4
Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via form
- CVE-2011-1092Mar 15, 2011affected < 7.0.14-1.4fixed 7.0.14-1.4
Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.
- CVE-2011-0420Feb 19, 2011affected < 7.0.14-1.4fixed 7.0.14-1.4
The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference.
- CVE-2006-7243Jan 18, 2011affected < 7.0.14-1.4fixed 7.0.14-1.4
PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists functio
Page 5 of 7