| Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-4483 | 9.3 |
The cURL extension files (1) ext/curl/interface.c and (2) ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPT_FOLLOWLOCATION option when open_basedir or safe_mode is enabled, which allows attackers to perform unauthorized actions, possibly rela
|
19-07-2022 - 18:34 | 31-08-2006 - 21:04 | |
| CVE-2006-4482 | 9.3 |
Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990
|
19-07-2022 - 18:32 | 31-08-2006 - 21:04 | |
| CVE-2006-4485 | 10.0 |
The stripos function in PHP before 5.1.5 has unknown impact and attack vectors related to an out-of-bounds read.
|
30-10-2018 - 16:25 | 31-08-2006 - 21:04 | |
| CVE-2006-4481 | 7.2 |
The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_o
|
30-10-2018 - 16:25 | 31-08-2006 - 21:04 | |
| CVE-2006-4486 | 2.6 |
Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memory_limit restriction.
|
30-10-2018 - 16:25 | 31-08-2006 - 21:04 | |
| CVE-2006-4484 | 2.6 |
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overfl
|
30-10-2018 - 16:25 | 31-08-2006 - 21:04 |