Filtered by vendor Php
Subscriptions
Total
737 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2007-4850 | 1 Php | 1 Php | 2024-08-07 | N/A |
curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safe_mode and open_basedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vulnerability than CVE-2006-2563. | ||||
CVE-2007-4840 | 1 Php | 1 Php | 2024-08-07 | N/A |
PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the out_charset parameter to the iconv function; or a long string in the charset parameter to the (2) iconv_mime_decode_headers, (3) iconv_mime_decode, or (4) iconv_strlen function. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution. | ||||
CVE-2007-4784 | 1 Php | 1 Php | 2024-08-07 | N/A |
The setlocale function in PHP before 5.2.4 allows context-dependent attackers to cause a denial of service (application crash) via a long string in the locale parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless this issue can be demonstrated for code execution. | ||||
CVE-2007-4670 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Application Stack | 2024-08-07 | N/A |
Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285. | ||||
CVE-2007-4663 | 1 Php | 1 Php | 2024-08-07 | N/A |
Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function. | ||||
CVE-2007-4657 | 3 Canonical, Debian, Php | 3 Ubuntu Linux, Debian Linux, Php | 2024-08-07 | N/A |
Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an out-of-bounds read. NOTE: this affects different product versions than CVE-2007-3996. | ||||
CVE-2007-4662 | 1 Php | 1 Php | 2024-08-07 | N/A |
Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2.4 has unknown impact and attack vectors. | ||||
CVE-2007-4660 | 1 Php | 1 Php | 2024-08-07 | N/A |
Unspecified vulnerability in the chunk_split function in PHP before 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation. | ||||
CVE-2007-4661 | 1 Php | 1 Php | 2024-08-07 | N/A |
The chunk_split function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer overflow. NOTE: this is due to an incomplete fix for CVE-2007-2872. | ||||
CVE-2007-4659 | 1 Php | 1 Php | 2024-08-07 | N/A |
The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors. | ||||
CVE-2007-4652 | 1 Php | 1 Php | 2024-08-07 | N/A |
The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink. | ||||
CVE-2007-4658 | 2 Php, Redhat | 3 Php, Enterprise Linux, Rhel Application Stack | 2024-08-07 | N/A |
The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability. | ||||
CVE-2007-4586 | 1 Php | 1 Php | 2024-08-07 | N/A |
Multiple buffer overflows in php_iisfunc.dll in the iisfunc extension for PHP 5.2.0 and earlier allow context-dependent attackers to execute arbitrary code, probably during Unicode conversion, as demonstrated by a long string in the first argument to the iis_getservicestate function, related to the ServiceId argument to the (1) fnStartService, (2) fnGetServiceState, (3) fnStopService, and possibly other functions. | ||||
CVE-2007-4596 | 1 Php | 1 Php | 2024-08-07 | N/A |
The perl extension in PHP does not follow safe_mode restrictions, which allows context-dependent attackers to execute arbitrary code via the Perl eval function. NOTE: this might only be a vulnerability in limited environments. | ||||
CVE-2007-4528 | 1 Php | 1 Php | 2024-08-07 | N/A |
The Foreign Function Interface (ffi) extension in PHP 5.0.5 does not follow safe_mode restrictions, which allows context-dependent attackers to execute arbitrary code by loading an arbitrary DLL and calling a function, as demonstrated by kernel32.dll and the WinExec function. NOTE: this issue does not cross privilege boundaries in most contexts, so perhaps it should not be included in CVE. | ||||
CVE-2007-4507 | 1 Php | 1 Php | 2024-08-07 | N/A |
Multiple buffer overflows in the php_ntuser component for PHP 5.2.3 allow context-dependent attackers to cause a denial of service or execute arbitrary code via long arguments to the (1) ntuser_getuserlist, (2) ntuser_getuserinfo, (3) ntuser_getusergroups, or (4) ntuser_getdomaincontroller functions. | ||||
CVE-2007-4441 | 1 Php | 1 Php | 2024-08-07 | N/A |
Buffer overflow in php_win32std.dll in the win32std extension for PHP 5.2.0 and earlier allows context-dependent attackers to execute arbitrary code via a long string in the filename argument to the win_browse_file function. | ||||
CVE-2007-4255 | 1 Php | 1 Php | 2024-08-07 | N/A |
Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-dependent attackers to execute arbitrary code via a long first argument to the msql_connect function. | ||||
CVE-2007-4033 | 3 Php, Redhat, T1lib | 3 Php, Enterprise Linux, T1lib | 2024-08-07 | N/A |
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3. | ||||
CVE-2007-3997 | 1 Php | 1 Php | 2024-08-07 | N/A |
The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE. |