Max CVSS 10.0 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2008-2829 5.0
php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c lega
09-10-2019 - 22:55 23-06-2008 - 20:41
CVE-2008-0674 7.5
Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.
15-10-2018 - 22:02 18-02-2008 - 23:00
CVE-2008-0599 10.0
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
15-10-2018 - 22:01 05-05-2008 - 17:20
CVE-2008-3660 5.0
PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php. Overview contains a t
11-10-2018 - 20:49 15-08-2008 - 00:41
CVE-2008-3659 6.4
Buffer overflow in the memnstr function in PHP 4.4.x before 4.4.9 and PHP 5.6 through 5.2.6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via the delimiter argument to the explode function
11-10-2018 - 20:49 15-08-2008 - 00:41
CVE-2008-3658 7.5
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. Mi
11-10-2018 - 20:49 15-08-2008 - 00:41
CVE-2008-2666 5.0
Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependent attackers to bypass safe_mode restrictions by creating a subdirectory named http: and then placing ../ (dot dot slash) sequences in an http URL argument to
11-10-2018 - 20:42 20-06-2008 - 01:41
CVE-2008-2665 5.0
Directory traversal vulnerability in the posix_access function in PHP 5.2.6 and earlier allows remote attackers to bypass safe_mode restrictions via a .. (dot dot) in an http URL, which results in the URL being canonicalized to a local filename after
11-10-2018 - 20:42 20-06-2008 - 01:41
CVE-2008-2371 7.5
Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins
11-10-2018 - 20:41 07-07-2008 - 23:41
CVE-2008-2108 7.5
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy a
11-10-2018 - 20:39 07-05-2008 - 21:20
CVE-2008-2107 7.5
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent attackers to predict subse
11-10-2018 - 20:39 07-05-2008 - 21:20
CVE-2008-2051 10.0
The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."
11-10-2018 - 20:38 05-05-2008 - 17:20
CVE-2008-2050 10.0
Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors.
11-10-2018 - 20:38 05-05-2008 - 17:20
CVE-2008-1384 5.0
Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring f
11-10-2018 - 20:33 27-03-2008 - 17:44
Back to Top Mark selected
Back to Top