Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-3998 | 5.0 |
The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certai
|
26-10-2018 - 13:59 | 04-09-2007 - 18:17 | |
CVE-2007-4661 | 7.5 |
The chunk_split function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting
|
03-10-2018 - 21:48 | 04-09-2007 - 22:17 | |
CVE-2007-4670 | 5.0 |
Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.
|
03-10-2018 - 21:48 | 05-09-2007 - 00:17 | |
CVE-2007-4658 | 7.5 |
The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.
|
03-10-2018 - 21:48 | 04-09-2007 - 22:17 | |
CVE-2007-3799 | 4.3 |
The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the sessio
|
03-10-2018 - 21:47 | 16-07-2007 - 22:30 | |
CVE-2007-3996 | 6.8 |
Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a la
|
29-09-2017 - 01:29 | 04-09-2007 - 18:17 | |
CVE-2007-4659 | 7.5 |
The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors.
|
29-07-2017 - 01:33 | 04-09-2007 - 22:17 |