PHP
by PHP
Source repositories
CVEs (730)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-4670 | 0.00 | — | 0.02 | Sep 5, 2007 | Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285. | |||
| CVE-2007-4658 | 0.00 | — | 0.02 | Sep 4, 2007 | The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability. | |||
| CVE-2007-4663 | 0.00 | — | 0.02 | Sep 4, 2007 | Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function. | |||
| CVE-2007-4662 | 0.00 | — | 0.03 | Sep 4, 2007 | Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2.4 has unknown impact and attack vectors. | |||
| CVE-2007-4659 | 0.00 | — | 0.03 | Sep 4, 2007 | The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors. | |||
| CVE-2007-4661 | 0.00 | — | 0.02 | Sep 4, 2007 | The chunk_split function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer… | |||
| CVE-2007-4657 | 0.00 | — | 0.03 | Sep 4, 2007 | Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an… | |||
| CVE-2007-4660 | 0.00 | — | 0.03 | Sep 4, 2007 | Unspecified vulnerability in the chunk_split function in PHP before 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation. | |||
| CVE-2007-3996 | 0.00 | — | 0.04 | Sep 4, 2007 | Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx… | |||
| CVE-2007-3998 | 0.00 | — | 0.03 | Sep 4, 2007 | The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated… | |||
| CVE-2007-3378 | 0.00 | — | 0.05 | Jun 29, 2007 | The (1) session_save_path, (2) ini_set, and (3) error_log functions in PHP 4.4.7 and earlier, and PHP 5 5.2.3 and earlier, when invoked from a .htaccess file, allow remote attackers to bypass safe_mode and open_basedir restrictions and possibly execute arbitrary commands, as… | |||
| CVE-2007-3205 | 0.00 | — | 0.02 | Jun 13, 2007 | The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is… | |||
| CVE-2007-3007 | 0.00 | — | 0.03 | Jun 4, 2007 | PHP 5 before 5.2.3 does not enforce the open_basedir or safe_mode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the… | |||
| CVE-2007-2844 | 0.00 | — | 0.03 | May 24, 2007 | PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain… | |||
| CVE-2006-7205 | 0.00 | — | 0.01 | May 24, 2007 | The array_fill function in ext/standard/array.c in PHP 4.4.2 and 5.1.2 allows context-dependent attackers to cause a denial of service (memory consumption) via a large num value. | |||
| CVE-2006-7204 | 0.00 | — | 0.00 | May 22, 2007 | The imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which allows local users to read arbitrary files or list arbitrary directory contents. | |||
| CVE-2007-2748 | 0.00 | — | 0.01 | May 17, 2007 | The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375. | |||
| CVE-2007-2727 | 0.00 | — | 0.02 | May 16, 2007 | The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow… | |||
| CVE-2007-2728 | 0.00 | — | 0.02 | May 16, 2007 | The soap extension in PHP calls php_rand_r with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcrypt_create_iv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid security issue. | |||
| CVE-2007-2511 | 0.00 | — | 0.00 | May 9, 2007 | Buffer overflow in the user_filter_factory_create function in PHP before 5.2.2 has unknown impact and local attack vectors. |
- CVE-2007-4670Sep 5, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.
- CVE-2007-4658Sep 4, 2007risk 0.00cvss —epss 0.02
The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.
- CVE-2007-4663Sep 4, 2007risk 0.00cvss —epss 0.02
Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function.
- CVE-2007-4662Sep 4, 2007risk 0.00cvss —epss 0.03
Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2.4 has unknown impact and attack vectors.
- CVE-2007-4659Sep 4, 2007risk 0.00cvss —epss 0.03
The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors.
- CVE-2007-4661Sep 4, 2007risk 0.00cvss —epss 0.02
The chunk_split function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer…
- CVE-2007-4657Sep 4, 2007risk 0.00cvss —epss 0.03
Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an…
- CVE-2007-4660Sep 4, 2007risk 0.00cvss —epss 0.03
Unspecified vulnerability in the chunk_split function in PHP before 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation.
- CVE-2007-3996Sep 4, 2007risk 0.00cvss —epss 0.04
Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx…
- CVE-2007-3998Sep 4, 2007risk 0.00cvss —epss 0.03
The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated…
- CVE-2007-3378Jun 29, 2007risk 0.00cvss —epss 0.05
The (1) session_save_path, (2) ini_set, and (3) error_log functions in PHP 4.4.7 and earlier, and PHP 5 5.2.3 and earlier, when invoked from a .htaccess file, allow remote attackers to bypass safe_mode and open_basedir restrictions and possibly execute arbitrary commands, as…
- CVE-2007-3205Jun 13, 2007risk 0.00cvss —epss 0.02
The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is…
- CVE-2007-3007Jun 4, 2007risk 0.00cvss —epss 0.03
PHP 5 before 5.2.3 does not enforce the open_basedir or safe_mode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the…
- CVE-2007-2844May 24, 2007risk 0.00cvss —epss 0.03
PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain…
- CVE-2006-7205May 24, 2007risk 0.00cvss —epss 0.01
The array_fill function in ext/standard/array.c in PHP 4.4.2 and 5.1.2 allows context-dependent attackers to cause a denial of service (memory consumption) via a large num value.
- CVE-2006-7204May 22, 2007risk 0.00cvss —epss 0.00
The imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which allows local users to read arbitrary files or list arbitrary directory contents.
- CVE-2007-2748May 17, 2007risk 0.00cvss —epss 0.01
The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375.
- CVE-2007-2727May 16, 2007risk 0.00cvss —epss 0.02
The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow…
- CVE-2007-2728May 16, 2007risk 0.00cvss —epss 0.02
The soap extension in PHP calls php_rand_r with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcrypt_create_iv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid security issue.
- CVE-2007-2511May 9, 2007risk 0.00cvss —epss 0.00
Buffer overflow in the user_filter_factory_create function in PHP before 5.2.2 has unknown impact and local attack vectors.
Page 33 of 37