| Max CVSS | 6.8 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-4699 | 5.0 |
The iconv_mime_decode_headers function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote attackers to trigger an i
|
30-10-2018 - 16:26 | 18-01-2011 - 20:00 | |
| CVE-2010-4697 | 6.8 |
Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service (heap memory corruption) or have unspecified other impact via vectors related to use of _
|
30-10-2018 - 16:26 | 18-01-2011 - 20:00 | |
| CVE-2006-7243 | 5.0 |
PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argum
|
30-10-2018 - 16:26 | 18-01-2011 - 20:00 | |
| CVE-2010-4698 | 5.0 |
Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 allows context-dependent attackers to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstex
|
19-09-2017 - 01:31 | 18-01-2011 - 20:00 | |
| CVE-2010-4150 | 5.0 |
Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via
|
19-09-2017 - 01:31 | 07-12-2010 - 22:00 |