Vulnerabilites related to php - php
Vulnerability from fkie_nvd
Published
2006-09-12 16:07
Modified
2025-04-03 01:03
Severity ?
Summary
PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 4.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "419867C6-37BE-43B4-BFE0-6325FEE3807D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "37896E87-95C2-4039-8362-BC03B1C56706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8667FBC6-04B6-40E5-93B3-6C22BEED4B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC6A6F47-5C7C-4F82-B23B-9C959C69B27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE1A4DA6-6181-43A8-B0D8-5A016C3E75FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6E36203C-1392-49BB-AE7E-49626963D673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2:*:dev:*:*:*:*:*",
"matchCriteriaId": "BBA861A2-F0CD-4DBB-B43A-4970EB114DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E3797AB5-9E49-4251-A212-B6E5D9996764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults."
},
{
"lang": "es",
"value": "PHP 4.x up a 4.4.4 y PHP 5 up a 5.1.6, permite a un usuario local evitar las opciones httpd.conf del Apache HTTP Server, al igual que safe_mode y open_basedir, a trav\u00e9s de la funci\u00f3n ini_restore, lo cual restaura los valores de su php.ini (valor Master) por defecto."
}
],
"id": "CVE-2006-4625",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-09-12T16:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"source": "cve@mitre.org",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Oct/0002.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22282"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22331"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22338"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22424"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25423"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25850"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://securityreason.com/achievement_securityalert/42"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1519"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:185"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/445712/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/445882/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/448953/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/19933"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-362-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Oct/0002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://securityreason.com/achievement_securityalert/42"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/445712/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/445882/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/448953/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/19933"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-362-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28853"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "We do not consider these to be security issues. For more details see\nhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1\nand http://www.php.net/security-note.php\n",
"lastModified": "2006-09-20T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openpkg | openpkg | 2.1 | |
| openpkg | openpkg | 2.2 | |
| openpkg | openpkg | current | |
| php | php | 3.0 | |
| php | php | 3.0.1 | |
| php | php | 3.0.2 | |
| php | php | 3.0.3 | |
| php | php | 3.0.4 | |
| php | php | 3.0.5 | |
| php | php | 3.0.6 | |
| php | php | 3.0.7 | |
| php | php | 3.0.8 | |
| php | php | 3.0.9 | |
| php | php | 3.0.10 | |
| php | php | 3.0.11 | |
| php | php | 3.0.12 | |
| php | php | 3.0.13 | |
| php | php | 3.0.14 | |
| php | php | 3.0.15 | |
| php | php | 3.0.16 | |
| php | php | 3.0.17 | |
| php | php | 3.0.18 | |
| php | php | 4.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| trustix | secure_linux | 2.0 | |
| trustix | secure_linux | 2.1 | |
| trustix | secure_linux | 2.2 | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openpkg:openpkg:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "37042CDE-E4FE-442E-891A-CD84433D36E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11F6E348-01DF-4FA4-808E-39A2A7A2B97B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*",
"matchCriteriaId": "D342447B-5233-45FD-B1CF-8D84921402AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245C601D-0FE7-47E3-8304-6FF45E9567D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691BB8BB-329A-4640-B758-7590C99B5E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC4CCE-2774-463E-82EA-36CD442D3A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C478024C-2FCD-463F-A75E-E04660AA9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BD99C0-E875-496E-BE5E-A8DCBD414B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1851ADE5-C70C-46E0-941A-6ADF7DB5C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69DA3BA2-AF53-4C9D-93FA-0317841595B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67B59D6A-7EDA-4C34-81D6-C2557C85D164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBA40B6-8FDF-41AA-8166-F491FF7F3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E2B72-A428-4BB3-B6F8-0AF5E487A807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "945FF149-3446-4905-BCA1-C397E3497B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8E446DBD-FEFA-4D22-9C9D-51F61C01E414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8DE728-78E1-4F9F-BC56-CD9B10E61287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "80E31CC6-9356-4BB7-9F49-320AAF341E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB8AD3A-9181-459A-9AF2-B3FC6BAF6FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3E7199-8FB7-4930-9C0A-A36A698940B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "419867C6-37BE-43B4-BFE0-6325FEE3807D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "37896E87-95C2-4039-8362-BC03B1C56706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8667FBC6-04B6-40E5-93B3-6C22BEED4B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC6A6F47-5C7C-4F82-B23B-9C959C69B27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE1A4DA6-6181-43A8-B0D8-5A016C3E75FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6E36203C-1392-49BB-AE7E-49626963D673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2:*:dev:*:*:*:*:*",
"matchCriteriaId": "BBA861A2-F0CD-4DBB-B43A-4970EB114DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E3797AB5-9E49-4251-A212-B6E5D9996764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger \"information disclosure, double-free and negative reference index array underflow\" results."
},
{
"lang": "es",
"value": "El c\u00f3digo de deserializaci\u00f3n en PHP anteriores a 4.3.10 y PHP 5.x hasta 5.0.2 permite a atacantes remotos causar una denegaci\u00f3n de servicio y ejecutar c\u00f3digo de su elecci\u00f3n mediante datos \"no de confianza\" a la funci\u00f3n unserialize que pueden producir resultados de \"revelaci\u00f3n de informaci\u00f3n, liberaci\u00f3n de memoria doble y referencia a \u00edndice de arrray negativo\""
}
],
"id": "CVE-2004-1019",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110314318531298\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://msgs.securepoint.com/cgi-bin/get/bugtraq0412/157.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.hardened-php.net/advisories/012004.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:151"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_02_php4_mod_php4.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/release_4_3_10.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-687.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-032.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/advisories/9028"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2344"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18514"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110314318531298\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://msgs.securepoint.com/cgi-bin/get/bugtraq0412/157.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.hardened-php.net/advisories/012004.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:151"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_02_php4_mod_php4.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/release_4_3_10.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-687.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/advisories/9028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10511"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-08-25 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 1.0 | |
| php | php | 2.0 | |
| php | php | 2.0b10 | |
| php | php | 3.0 | |
| php | php | 3.0.1 | |
| php | php | 3.0.2 | |
| php | php | 3.0.3 | |
| php | php | 3.0.4 | |
| php | php | 3.0.5 | |
| php | php | 3.0.6 | |
| php | php | 3.0.7 | |
| php | php | 3.0.8 | |
| php | php | 3.0.9 | |
| php | php | 3.0.10 | |
| php | php | 3.0.11 | |
| php | php | 3.0.12 | |
| php | php | 3.0.13 | |
| php | php | 3.0.14 | |
| php | php | 3.0.15 | |
| php | php | 3.0.16 | |
| php | php | 3.0.17 | |
| php | php | 3.0.18 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 4.4.5 | |
| php | php | 4.4.6 | |
| php | php | 4.4.7 | |
| php | php | 4.4.8 | |
| php | php | 4.4.9 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 | |
| php | php | 5.2.2 | |
| php | php | 5.2.3 | |
| php | php | 5.2.4 | |
| php | php | 5.2.5 | |
| php | php | 5.2.6 | |
| php | php | 5.2.8 | |
| php | php | 5.2.9 | |
| php | php | 5.2.10 | |
| php | php | 5.2.11 | |
| php | php | 5.2.12 | |
| php | php | 5.2.13 | |
| php | php | 5.2.14 | |
| php | php | 5.3.0 | |
| php | php | 5.3.1 | |
| php | php | 5.3.2 | |
| php | php | 5.3.3 | |
| php | php | 5.3.4 | |
| php | php | 5.3.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01ECE592-FB2E-4614-A1B7-24C5B729BF6A",
"versionEndIncluding": "5.3.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92647629-083F-4042-8365-4AD2EBC9C1BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF72E8D5-9F8C-4BD4-9AA4-28E23CB48A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*",
"matchCriteriaId": "83BE1120-6370-4470-8586-6581EDF3FD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245C601D-0FE7-47E3-8304-6FF45E9567D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691BB8BB-329A-4640-B758-7590C99B5E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC4CCE-2774-463E-82EA-36CD442D3A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C478024C-2FCD-463F-A75E-E04660AA9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BD99C0-E875-496E-BE5E-A8DCBD414B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1851ADE5-C70C-46E0-941A-6ADF7DB5C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69DA3BA2-AF53-4C9D-93FA-0317841595B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67B59D6A-7EDA-4C34-81D6-C2557C85D164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBA40B6-8FDF-41AA-8166-F491FF7F3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E2B72-A428-4BB3-B6F8-0AF5E487A807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "945FF149-3446-4905-BCA1-C397E3497B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8E446DBD-FEFA-4D22-9C9D-51F61C01E414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8DE728-78E1-4F9F-BC56-CD9B10E61287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "80E31CC6-9356-4BB7-9F49-320AAF341E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB8AD3A-9181-459A-9AF2-B3FC6BAF6FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3E7199-8FB7-4930-9C0A-A36A698940B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2AF1D9-33B6-4B2C-9269-426B6B720164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84B70263-37AA-4539-A286-12038A3792C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E46E4B4-808C-4B47-81D9-EC2B02A5E57B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF30D7F-353B-4496-9A89-4EF2BB279E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DD97DF34-35AB-4979-96E2-B23DC8556A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "95D48A71-B84E-4B6C-9603-B3373052E568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F40E4A-E125-4099-A8B3-D42614AA9312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4933D9DD-A630-4A3D-9D13-9E182F5F6F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E6D530-91FC-42F4-A427-6601238E0187",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors."
},
{
"lang": "es",
"value": "PHP antes de v5.3.7 no aplica correctamente la funci\u00f3n error_log, lo que permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2011-3267",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-08-25T18:55:01.193",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/74739"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT5130"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:165"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/ChangeLog-5.php#5.3.7"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/archive/2011.php#id2011-08-18-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/49241"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/74739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php#5.3.7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/archive/2011.php#id2011-08-18-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/49241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69428"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-25 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via crafted serialized data, a related issue to CVE-2016-5773.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.6.11 | |
| php | php | 5.6.12 | |
| php | php | 5.6.13 | |
| php | php | 5.6.14 | |
| php | php | 5.6.15 | |
| php | php | 5.6.16 | |
| php | php | 5.6.17 | |
| php | php | 5.6.18 | |
| php | php | 5.6.19 | |
| php | php | 5.6.20 | |
| php | php | 5.6.21 | |
| php | php | 5.6.22 | |
| php | php | 5.6.23 | |
| php | php | 7.0.0 | |
| php | php | 7.0.1 | |
| php | php | 7.0.2 | |
| php | php | 7.0.3 | |
| php | php | 7.0.4 | |
| php | php | 7.0.5 | |
| php | php | 7.0.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11DF4C58-F13C-40DC-8821-A7C704CA964C",
"versionEndIncluding": "5.5.37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "725BBA4E-B3BA-4AFA-A284-E0CDE3EC8FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F7793408-66A2-4DE7-B5AA-E49E8A2EE043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "95840EC0-512D-468D-99B0-17E8CFDD6BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E1078D15-8073-4C04-82C2-3C8111E18B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2E5E0C-8DD7-4CF8-A7E7-28ED0FD8B0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6EE9E4-9D6E-4CCC-B116-6020DA6884BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A23E37-8B94-440A-8014-389AC5389A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5E20AF-724B-4DBD-9AED-920375666B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "FD008BBB-10C9-48E2-97B8-6B86B54FD48E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*",
"matchCriteriaId": "90727984-6853-4348-B3CD-4869788117FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.23:*:*:*:*:*:*:*",
"matchCriteriaId": "08AA5F56-9D59-436E-BEB8-68A8A73B6D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "751F51CA-9D88-4971-A6EC-8C0B72E8E22B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via crafted serialized data, a related issue to CVE-2016-5773."
},
{
"lang": "es",
"value": "ext/snmp/snmp.c en PHP en versiones anteriores a 5.5.38, 5.6.x en versiones anteriores a 5.6.24 y 7.x en versiones anteriores a 7.0.9 no interact\u00faa correctamente con la implementaci\u00f3n no serializada y la recolecci\u00f3n de basura, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (uso despu\u00e9s de liberaci\u00f3n y ca\u00edda de aplicaci\u00f3n) o posiblemente tener otro impacto no especificado a trav\u00e9s de datos serializados, un problema relacionado con CVE-2016-5773."
}
],
"id": "CVE-2016-6295",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-25T14:59:08.670",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=cab1c3b3708eead315e033359d07049b23b147a3"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2016/07/24/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3631"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92094"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036430"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.php.net/72479"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/HT207170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=cab1c3b3708eead315e033359d07049b23b147a3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2016/07/24/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.php.net/72479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT207170"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-09-17 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
ext/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a MessageFormatter::formatMessage call with a long first argument.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D860D77C-575A-48A1-9475-485D26EF5E41",
"versionEndIncluding": "5.6.25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C2D8FE-C380-4B43-B634-A3DBA4700A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB58393-0C10-413C-8D95-6BAA8BC19A1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "751F51CA-9D88-4971-A6EC-8C0B72E8E22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "37B74118-8FC2-44CB-9673-A83DF777B2E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4D56A200-1477-40DA-9444-CFC946157C69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ext/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a MessageFormatter::formatMessage call with a long first argument."
},
{
"lang": "es",
"value": "ext/intl/msgformat/msgformat_format.c en PHP en versiones anteriores a 5.6.26 y 7.x en versiones anteriores a 7.0.11 no restringe adecuadamente la longitud proporcionada a locale para la clase Locale en la libreria ICU, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o tener otro posible impacto no especificado a trav\u00e9s de una llamada MessageFormatter::formatMessage con un primer argumento grande."
}
],
"id": "CVE-2016-7416",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-17T21:59:08.107",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/15/10"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/93008"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036836"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugs.php.net/bug.php?id=73007"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/php/php-src/commit/6d55ba265637d6adf0ba7e9c9ef11187d1ec2f5b?w=1"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/security/tns-2016-19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/15/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugs.php.net/bug.php?id=73007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/php/php-src/commit/6d55ba265637d6adf0ba7e9c9ef11187d1ec2f5b?w=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/tns-2016-19"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-20 02:00
Modified
2025-04-11 00:51
Severity ?
Summary
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 1.0 | |
| php | php | 2.0 | |
| php | php | 2.0b10 | |
| php | php | 3.0 | |
| php | php | 3.0.1 | |
| php | php | 3.0.2 | |
| php | php | 3.0.3 | |
| php | php | 3.0.4 | |
| php | php | 3.0.5 | |
| php | php | 3.0.6 | |
| php | php | 3.0.7 | |
| php | php | 3.0.8 | |
| php | php | 3.0.9 | |
| php | php | 3.0.10 | |
| php | php | 3.0.11 | |
| php | php | 3.0.12 | |
| php | php | 3.0.13 | |
| php | php | 3.0.14 | |
| php | php | 3.0.15 | |
| php | php | 3.0.16 | |
| php | php | 3.0.17 | |
| php | php | 3.0.18 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 4.4.5 | |
| php | php | 4.4.6 | |
| php | php | 4.4.7 | |
| php | php | 4.4.8 | |
| php | php | 4.4.9 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 | |
| php | php | 5.2.2 | |
| php | php | 5.2.3 | |
| php | php | 5.2.4 | |
| php | php | 5.2.4 | |
| php | php | 5.2.5 | |
| php | php | 5.2.6 | |
| php | php | 5.2.7 | |
| php | php | 5.2.8 | |
| php | php | 5.2.9 | |
| php | php | 5.2.10 | |
| php | php | 5.2.11 | |
| php | php | 5.2.12 | |
| php | php | 5.2.13 | |
| php | php | 5.2.14 | |
| php | php | 5.2.15 | |
| php | php | 5.2.16 | |
| php | php | 5.2.17 | |
| php | php | 5.3.0 | |
| php | php | 5.3.1 | |
| php | php | 5.3.2 | |
| php | php | 5.3.3 | |
| php | php | 5.3.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "675ACEA8-3364-4ABD-BDE0-621310435AEC",
"versionEndIncluding": "5.3.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92647629-083F-4042-8365-4AD2EBC9C1BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF72E8D5-9F8C-4BD4-9AA4-28E23CB48A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*",
"matchCriteriaId": "83BE1120-6370-4470-8586-6581EDF3FD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245C601D-0FE7-47E3-8304-6FF45E9567D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691BB8BB-329A-4640-B758-7590C99B5E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC4CCE-2774-463E-82EA-36CD442D3A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C478024C-2FCD-463F-A75E-E04660AA9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BD99C0-E875-496E-BE5E-A8DCBD414B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1851ADE5-C70C-46E0-941A-6ADF7DB5C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69DA3BA2-AF53-4C9D-93FA-0317841595B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67B59D6A-7EDA-4C34-81D6-C2557C85D164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBA40B6-8FDF-41AA-8166-F491FF7F3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E2B72-A428-4BB3-B6F8-0AF5E487A807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "945FF149-3446-4905-BCA1-C397E3497B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8E446DBD-FEFA-4D22-9C9D-51F61C01E414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8DE728-78E1-4F9F-BC56-CD9B10E61287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "80E31CC6-9356-4BB7-9F49-320AAF341E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB8AD3A-9181-459A-9AF2-B3FC6BAF6FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3E7199-8FB7-4930-9C0A-A36A698940B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2AF1D9-33B6-4B2C-9269-426B6B720164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84B70263-37AA-4539-A286-12038A3792C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E46E4B4-808C-4B47-81D9-EC2B02A5E57B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF30D7F-353B-4496-9A89-4EF2BB279E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DD97DF34-35AB-4979-96E2-B23DC8556A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:windows:*:*:*:*:*",
"matchCriteriaId": "F526115E-A68E-4B10-AA6A-9CD26CB81AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "95D48A71-B84E-4B6C-9603-B3373052E568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CAAB7D55-F155-43F9-A563-F2E35CFFEF26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "72243A3F-6BFD-472B-9EA4-82BE4253ED27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "E415CC22-09CA-47D2-9F1A-0BCA8960835B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F40E4A-E125-4099-A8B3-D42614AA9312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4933D9DD-A630-4A3D-9D13-9E182F5F6F8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read."
},
{
"lang": "es",
"value": "exif.c en la extensi\u00f3n Exif en PHP anterior a v5.3.6 en plataformas de 64 bits realiza una asociaci\u00f3n incorrecta, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de una imagen con una Image File Directory (IFD) que provoca una sobre lectura del b\u00fafer."
}
],
"id": "CVE-2011-0708",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-20T02:00:03.517",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://bugs.php.net/bug.php?id=54002"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://openwall.com/lists/oss-security/2011/02/14/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/02/16/7"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0071.html"
},
{
"source": "secalert@redhat.com",
"url": "http://securityreason.com/securityalert/8114"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5002"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://svn.php.net/viewvc?view=revision\u0026revision=308316"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2011/dsa-2266"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/16261/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053"
},
{
"source": "secalert@redhat.com",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "secalert@redhat.com",
"url": "http://www.php.net/archive/2011.php"
},
{
"source": "secalert@redhat.com",
"url": "http://www.php.net/releases/5_3_6.php"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1423.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/46365"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2011/0744"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2011/0764"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2011/0890"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=680972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.php.net/bug.php?id=54002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057709.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057710.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056642.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://openwall.com/lists/oss-security/2011/02/14/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/02/16/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0071.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://svn.php.net/viewvc?view=revision\u0026revision=308316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2266"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/16261/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/archive/2011.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/releases/5_3_6.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1423.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=680972"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation during initial error checking, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.6.11 | |
| php | php | 5.6.12 | |
| xmlsoft | libxml2 | * | |
| php | php | * | |
| xmlsoft | libxml2 | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 | |
| php | php | 5.5.16 | |
| php | php | 5.5.17 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.5.23 | |
| php | php | 5.5.24 | |
| php | php | 5.5.25 | |
| php | php | 5.5.26 | |
| php | php | 5.5.27 | |
| php | php | 5.5.28 | |
| xmlsoft | libxml2 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18BCA403-8F0F-4564-BE7E-1DE10408B54B",
"versionEndIncluding": "2.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2382042D-E28D-480C-9504-AC073E8A1C6C",
"versionEndIncluding": "5.4.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18BCA403-8F0F-4564-BE7E-1DE10408B54B",
"versionEndIncluding": "2.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "840EE3AC-5293-4F33-9E2C-96A0A2534B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0FC407-96DB-425E-BB57-7A5BA839C37F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AC63A449-5D92-4F5F-8186-B58FFFBA54FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F18236F6-2065-4A6A-93E7-FD90E650C689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFBA84A-A4E4-438B-B9B5-8549809DCECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "146D3DC9-50F4-430B-B321-68ECE78879A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5A7CA6-7653-46C5-8DF7-95584BF7A879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "59A42F02-F363-4C13-BE83-19F757B84455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.25:*:*:*:*:*:*:*",
"matchCriteriaId": "423ECD5F-5611-4D9A-8BE8-E4DC1527AF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.26:*:*:*:*:*:*:*",
"matchCriteriaId": "44FE4648-22C5-44A6-A6DF-8B235EB7DEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "23006CC4-85FB-48AF-8F3A-97BC3FD7FAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.28:*:*:*:*:*:*:*",
"matchCriteriaId": "D6393D02-3968-4B0F-A2DE-61442E95DB32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18BCA403-8F0F-4564-BE7E-1DE10408B54B",
"versionEndIncluding": "2.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation during initial error checking, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838."
},
{
"lang": "es",
"value": "La funci\u00f3n xsl_function_php en ext/xsl/xsl/xsltprocessor.c en PHP en versiones anteriores a 5.4.45, 5.5.x en versiones anteriores a 5.5.29 y 5.6.x en versiones anteriores a 5.6.13, cuando se utiliza libxml2 en versiones anteriores a 2.9.2, no considera la posibilidad de un retorno NULL valuePop antes de proceder a una operaci\u00f3n libre durante la comprobaci\u00f3n inicial de errores, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero NULO y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un documento XML manipulado, una vulnerabilidad diferente a CVE-2015-6838."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/476.html\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e",
"id": "CVE-2015-6837",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-16T10:59:20.627",
"references": [
{
"source": "security@opentext.com",
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "security@opentext.com",
"url": "http://www.debian.org/security/2015/dsa-3358"
},
{
"source": "security@opentext.com",
"url": "http://www.securityfocus.com/bid/76738"
},
{
"source": "security@opentext.com",
"url": "http://www.securitytracker.com/id/1033548"
},
{
"source": "security@opentext.com",
"url": "https://bugs.php.net/bug.php?id=69782"
},
{
"source": "security@opentext.com",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/76738"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.php.net/bug.php?id=69782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201606-10"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-05-27 22:30
Modified
2025-04-11 00:51
Severity ?
Summary
The (1) htmlentities, (2) htmlspecialchars, (3) str_getcsv, (4) http_build_query, (5) strpbrk, and (6) strtr functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) htmlentities, (2) htmlspecialchars, (3) str_getcsv, (4) http_build_query, (5) strpbrk, and (6) strtr functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature."
},
{
"lang": "es",
"value": "Las funciones (1) htmlentities, (2) htmlspecialchars, (3) str_getcsv, (4) http_build_query, (5) strpbrk, y (6) strtr en PHP v5.2 hasta v5.2.13 y v5.3 hasta v5.3.2 permite a atacantes dependientes del contexto obtener informaci\u00f3n sensible (contenidos de memoria) provocando una interrupci\u00f3n del espacio de usuario de una funci\u00f3n interna, relativo a la caracter\u00edstica paso de tiempo de llamada por referencia."
}
],
"id": "CVE-2010-2100",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-05-27T22:30:02.140",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/21/mops-2010-036-php-htmlentities-and-htmlspecialchars-interruption-information-leak-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/21/mops-2010-037-php-str_getcsv-interruption-information-leak-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/21/mops-2010-038-php-http_build_query-interruption-information-leak-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/21/mops-2010-039-php-strpbrk-interruption-information-leak-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/21/mops-2010-040-php-strtr-interruption-information-leak-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/21/mops-2010-036-php-htmlentities-and-htmlspecialchars-interruption-information-leak-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/21/mops-2010-037-php-str_getcsv-interruption-information-leak-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/21/mops-2010-038-php-http_build_query-interruption-information-leak-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/21/mops-2010-039-php-strpbrk-interruption-information-leak-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/21/mops-2010-040-php-strtr-interruption-information-leak-vulnerability/index.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-12-11 12:00
Modified
2025-04-12 10:46
Severity ?
Summary
The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5AA54F4-B4D5-47A3-AA95-8D18A52AC212",
"versionEndIncluding": "5.5.29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "725BBA4E-B3BA-4AFA-A284-E0CDE3EC8FB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "767D7ECF-24C5-4605-9368-5A41456A475E",
"versionEndIncluding": "10.11.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The phar_get_entry_data function in ext/phar/util.c in PHP before 5.5.30 and 5.6.x before 5.6.14 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that does not exist."
},
{
"lang": "es",
"value": "La funci\u00f3n phar_get_entry_data en ext/phar/util.c en PHP en versiones anteriores a 5.5.30 y 5.6.x en versiones anteriores a 5.6.14 permite a atacantes remotos causar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un archivo .phar con una entrada de archivo TAR manipulada en la cual el indicador Link referencia a un archivo que no existe."
}
],
"evaluatorComment": "\u003ca href=\"https://cwe.mitre.org/data/definitions/476.html\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e\n\n\u003ca href=\"http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html\"\u003ePer Advisory: The attack can lead to remote code execution",
"id": "CVE-2015-7803",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-12-11T12:00:11.387",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=d698f0ae51f67c9cce870b09c59df3d6ba959244"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00037.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2015/dsa-3380"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2015/10/05/8"
},
{
"source": "secalert@redhat.com",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/76959"
},
{
"source": "secalert@redhat.com",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.461720"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2786-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=69720"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT205637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=d698f0ae51f67c9cce870b09c59df3d6ba959244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/10/05/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/76959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.461720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2786-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=69720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT205637"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-09-07 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1398.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.4.0 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 11.04 | |
| canonical | ubuntu_linux | 11.10 | |
| canonical | ubuntu_linux | 12.04 | |
| debian | debian_linux | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2BBB98-41C7-4046-B964-53FFC87D9E7C",
"versionEndExcluding": "5.3.11",
"versionStartIncluding": "5.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6B052DD4-8A4E-44A0-A4ED-CC9E8757EBC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*",
"matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1398."
},
{
"lang": "es",
"value": "La funci\u00f3n sapi_header_op en main/SAPI.c en PHP v5.4.0 hasta v5.4.0RC2, no determina correctamente un puntero durante los controles secuencias %0D (tambi\u00e9n conocidos como caracteres de retorno de carro), lo que permite a atacantes remotos evitar un mecanismo de protecci\u00f3n de HTTP response-splitting a trav\u00e9s de una URL modificada, relacionada con la interacci\u00f3n inadecuada entre la funci\u00f3n de cabecera de PHP y algunos navegadores, como se demuestra con Internet Explorer y Google Chrome. NOTA: esta vulnerabilidad se debe a una soluci\u00f3n incorrecta para CVE-2011-1398."
}
],
"id": "CVE-2012-4388",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-09-07T22:55:02.883",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://article.gmane.org/gmane.comp.php.devel/70584"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2012/08/29/5"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2012/09/02/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2012/09/05/15"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2012/09/07/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security-tracker.debian.org/tracker/CVE-2012-4388"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_4/main/SAPI.c?r1=323986\u0026r2=323985\u0026pathrev=323986"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1027463"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1569-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=60227"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://article.gmane.org/gmane.comp.php.devel/70584"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2012/08/29/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2012/09/02/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2012/09/05/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2012/09/07/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security-tracker.debian.org/tracker/CVE-2012-4388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_4/main/SAPI.c?r1=323986\u0026r2=323985\u0026pathrev=323986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1027463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1569-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=60227"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-12-02 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22A2867E-F109-44E6-8E01-A7010D5B6FDA",
"versionEndIncluding": "8.37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
"matchCriteriaId": "104DA87B-DEE4-4262-AE50-8E6BC43B228B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B055DFDD-2D3F-40CD-A62E-1D9B1C005771",
"versionEndExcluding": "5.5.32",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04060332-EC2C-4281-A627-8FBDCEB79154",
"versionEndExcluding": "5.6.18",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A20A620-CDCF-4496-86E9-1ECA1A3C665E",
"versionEndExcluding": "7.0.3",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror."
},
{
"lang": "es",
"value": "PCRE en versiones anteriores a 8.38 no maneja correctamente la interacci\u00f3n de aserciones lookbehind y de subpatrones mutuamente recursivos, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (desbordamiento de buffer) o posiblemente tener otro impacto no especificado a trav\u00e9s de una expresi\u00f3n regular manipulada, seg\u00fan lo demostrado por un objeto JavaScript RegExp encontrado por Konqueror."
}
],
"id": "CVE-2015-8386",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2015-12-02T01:59:10.400",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1025.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Release Notes"
],
"url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/11/29/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/82990"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1132"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://bto.bluecoat.com/security-advisory/sa128"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201607-02"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20230216-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Release Notes"
],
"url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/11/29/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/82990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bto.bluecoat.com/security-advisory/sa128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201607-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20230216-0002/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-01-18 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF35BB6-C6B1-4683-A8BE-AA72CC34F5B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153."
},
{
"lang": "es",
"value": "La funci\u00f3n tidy_diagnose de PHP v5.3.8 podr\u00eda permitir a atacantes remotos provocar una denegaci\u00f3n de servicio (puntero a NULL y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s del ingreso de determinados datos a una aplicaci\u00f3n que intenta realizar operaciones tidy::diagnose sobre objetos no v\u00e1lidos. Se trata de una vulnerabilidad diferente a la CVE -2011-4153."
}
],
"id": "CVE-2012-0781",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-01-18T20:55:03.550",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0092.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://cxsecurity.com/research/103"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48668"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/18370/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-01/0092.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://cxsecurity.com/research/103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/18370/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-09-12 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C2D8FE-C380-4B43-B634-A3DBA4700A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB58393-0C10-413C-8D95-6BAA8BC19A1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "751F51CA-9D88-4971-A6EC-8C0B72E8E22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "37B74118-8FC2-44CB-9673-A83DF777B2E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6862C7D-F8A4-46E5-AAD4-72C29AB4FB3A",
"versionEndIncluding": "5.6.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument."
},
{
"lang": "es",
"value": "La funci\u00f3n imagetruecolortopalette en ext/gd/gd.c en PHP en versiones anteriores a 5.6.25 y 7.x en versiones anteriores a 7.0.10 no valida adecuadamente el n\u00famero de colores, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (error de localizaci\u00f3n de colores de selecci\u00f3n y escritura fuera de l\u00edmites) o tener otro posible impacto no especificado a trav\u00e9s de un valor largo en el tercer argumento."
}
],
"id": "CVE-2016-7126",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-12T01:59:04.723",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://openwall.com/lists/oss-security/2016/09/02/9"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92755"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036680"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugs.php.net/bug.php?id=72697"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/php/php-src/commit/28022c9b1fd937436ab67bb3d61f652c108baf96"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/php/php-src/commit/b6f13a5ef9d6280cf984826a5de012a32c396cd4?w=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2016-19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://openwall.com/lists/oss-security/2016/09/02/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugs.php.net/bug.php?id=72697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/php/php-src/commit/28022c9b1fd937436ab67bb3d61f652c108baf96"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/php/php-src/commit/b6f13a5ef9d6280cf984826a5de012a32c396cd4?w=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2016-19"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-12-30 01:55
Modified
2025-04-11 00:51
Severity ?
Summary
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 | |
| php | php | 5.2.2 | |
| php | php | 5.2.3 | |
| php | php | 5.2.4 | |
| php | php | 5.2.5 | |
| php | php | 5.2.6 | |
| php | php | 5.2.7 | |
| php | php | 5.2.8 | |
| php | php | 5.2.9 | |
| php | php | 5.2.10 | |
| php | php | 5.2.11 | |
| php | php | 5.2.12 | |
| php | php | 5.2.14 | |
| php | php | 5.2.15 | |
| php | php | 5.2.16 | |
| php | php | 5.2.17 | |
| php | php | 5.3.0 | |
| php | php | 5.3.1 | |
| php | php | 5.3.2 | |
| php | php | 5.3.3 | |
| php | php | 5.3.4 | |
| php | php | 5.3.5 | |
| php | php | 5.3.6 | |
| php | php | 5.3.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C09D791-3577-4B41-821D-C3965FEF8FCC",
"versionEndIncluding": "5.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "95D48A71-B84E-4B6C-9603-B3373052E568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CAAB7D55-F155-43F9-A563-F2E35CFFEF26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "72243A3F-6BFD-472B-9EA4-82BE4253ED27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "E415CC22-09CA-47D2-9F1A-0BCA8960835B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F40E4A-E125-4099-A8B3-D42614AA9312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4933D9DD-A630-4A3D-9D13-9E182F5F6F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E6D530-91FC-42F4-A427-6601238E0187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC938DB-E066-407F-BDF8-61A1C41136F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDF768D-7F5A-4042-B7DD-398F65F3F094",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters."
},
{
"lang": "es",
"value": "PHP anterior a v5.3.9 calcula los valores hash de los par\u00e1metros de forma, sin restringir la capacidad de desencadenar colisiones hash predecible, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de CPU) mediante el env\u00edo de gran cantidad de par\u00e1metros a mano."
}
],
"id": "CVE-2011-4885",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-12-30T01:55:01.563",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=132871655717248\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=132871655717248\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0071.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/47404"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48668"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT5281"
},
{
"source": "cve@mitre.org",
"url": "http://svn.php.net/viewvc?view=revision\u0026revision=321003"
},
{
"source": "cve@mitre.org",
"url": "http://svn.php.net/viewvc?view=revision\u0026revision=321040"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2012/dsa-2399"
},
{
"source": "cve@mitre.org",
"url": "http://www.exploit-db.com/exploits/18296"
},
{
"source": "cve@mitre.org",
"url": "http://www.exploit-db.com/exploits/18305"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/903934"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:197"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "cve@mitre.org",
"url": "http://www.nruns.com/_downloads/advisory28122011.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.ocert.org/advisories/ocert-2011-003.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2012-0019.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/51193"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1026473"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72021"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=132871655717248\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=132871655717248\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0071.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/47404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.php.net/viewvc?view=revision\u0026revision=321003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.php.net/viewvc?view=revision\u0026revision=321040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2399"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.exploit-db.com/exploits/18296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.exploit-db.com/exploits/18305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/903934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nruns.com/_downloads/advisory28122011.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ocert.org/advisories/ocert-2011-003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2012-0019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/51193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-11-24 00:30
Modified
2025-04-09 00:30
Severity ?
Summary
PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2304370-EDAF-4417-B624-498C427EBF53",
"versionEndExcluding": "5.2.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A315BCF0-71F5-4664-B25B-019B8A1075BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "1DF14239-64E0-46F0-A8DE-8BB11EEC2F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "BDC814D7-52A0-4610-B812-1F47C08BEF8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "9E66A080-A759-41BA-99A6-70074DF2A1E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "F9D343FF-1DC6-477C-8DBA-D3C309D1B9BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1F397590-70B4-43B9-9F5B-BC1020393A68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17586008-7FBC-4238-B208-4563040D1982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F5D02F98-10F7-4F7B-A31E-7C28EC034BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8F021309-38E4-4D19-B1EB-975D9F42F4F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "546EBFC8-79F0-42C2-9B9A-A76CA3F19470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive."
},
{
"lang": "es",
"value": "PHP v5.2.11, y v5.3.x antes de v5.3.1, no restringen el n\u00famero de archivos temporales creados al manipular una solicitud POST multipart/form-data, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (por agotamiento de recursos), y facilita a los atacantes remotos aprovecharse de las vulnerabilidades de inclusi\u00f3n de archivos locales, a trav\u00e9s de m\u00faltiples peticiones, en relaci\u00f3n a la falta de apoyo a la directiva max_file_uploads."
}
],
"id": "CVE-2009-4017",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-11-24T00:30:00.500",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127680701405735\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127680701405735\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://news.php.net/php.announce/79"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2009/Nov/228"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/37482"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/37821"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40262"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/41480"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/41490"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4077"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2009/dsa-1940"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:303"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:305"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/20/2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/20/7"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/releases/5_2_12.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.php.net/releases/5_3_1.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/507982/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2009/3593"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54455"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127680701405735\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127680701405735\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://news.php.net/php.announce/79"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2009/Nov/228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/37482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/37821"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/40262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/41480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/41490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.acunetix.com/blog/websecuritynews/php-multipartform-data-denial-of-service/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2009/dsa-1940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/20/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/20/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/releases/5_2_12.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.php.net/releases/5_3_1.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/507982/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2009/3593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6667"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-11-20 21:29
Modified
2024-11-21 03:57
Severity ?
Summary
ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell").
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/105989 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://bugs.php.net/bug.php?id=77177 | Exploit, Issue Tracking, Mailing List, Vendor Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20181221-0005/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105989 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.php.net/bug.php?id=77177 | Exploit, Issue Tracking, Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20181221-0005/ | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19ACFD20-07F9-48C0-ACB5-2D2AA6D8B318",
"versionEndIncluding": "7.1.24",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM(\"WScript.Shell\")."
},
{
"lang": "es",
"value": "ext/standard/var.c en PHP 5.x hasta la versi\u00f3n 7.1.24 en Windows permite que los atacantes provoquen una denegaci\u00f3n de servicio (desreferencia de puntero NULL y cierre inesperado de la aplicaci\u00f3n) debido a que com y com_safearray_proxy devuelven NULL en com_properties_get en ext/com_dotnet/com_handlers.c, tal y como queda demostrado con una llamada serialize en COM(\"WScript.Shell\")."
}
],
"id": "CVE-2018-19395",
"lastModified": "2024-11-21T03:57:51.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-20T21:29:01.793",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105989"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Mailing List",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=77177"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181221-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105989"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Mailing List",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=77177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181221-0005/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-22 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2016-2750.html | Third Party Advisory | |
| cve@mitre.org | http://www.php.net/ChangeLog-5.php | Vendor Advisory | |
| cve@mitre.org | https://bugs.php.net/bug.php?id=70121 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2750.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.php.net/ChangeLog-5.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.php.net/bug.php?id=70121 | Exploit, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF8F876A-0871-49A0-859D-4481D60E6132",
"versionEndExcluding": "5.4.44",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C0D35D-0789-471F-9252-FB4233D7E1F1",
"versionEndExcluding": "5.5.28",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C946BEC6-918B-4C3F-9D2C-5FE90F693A2E",
"versionEndExcluding": "5.6.12",
"versionStartIncluding": "5.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data."
},
{
"lang": "es",
"value": "Zend/zend_exceptions.c en PHP en versiones anteriores a 5.4.44, 5.5.x en versiones anteriores a 5.5.28 y 5.6.x en versiones anteriores a 5.6.12 no valida ciertos objetos Exception, lo que permite atacantes remotos provocar una denegaci\u00f3n del servicio (referencia a puntero NULO y ca\u00edda de aplicaci\u00f3n) o desencadenar la ejecuci\u00f3n de un m\u00e9todo no previsto a trav\u00e9s de datos serializados manipulados."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/476.html\" rel=\"nofollow\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e",
"id": "CVE-2015-8876",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-22T01:59:07.697",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=70121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=70121"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-01 04:15
Modified
2024-11-21 05:36
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Summary
In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| tenable | tenable.sc | * | |
| tenable | tenable.sc | 5.19.0 | |
| opensuse | leap | 15.1 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A758E148-563D-4E04-A321-71FB7622314F",
"versionEndExcluding": "7.2.29",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF918F4-EEAF-4F96-A49A-D367D549C52B",
"versionEndExcluding": "7.3.16",
"versionStartIncluding": "7.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F809DF30-2CCC-4E3D-819B-75E5E0827E45",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41DBA7C7-8084-45F6-B59D-13A9022C34DF",
"versionEndExcluding": "5.19.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tenable:tenable.sc:5.19.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D04D487-429B-4A0F-8B86-EBD355555EDF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server."
},
{
"lang": "es",
"value": "En las versiones de PHP 7.2.x anterior a la versi\u00f3n 7.2.29, 7.3.x anterior a 7.3.16 y 7.4.x anterior a 7.4.4, mientras usa get_headers () con la URL suministrada por el usuario, si la URL contiene un car\u00e1cter cero (\\ 0), el La URL se truncar\u00e1 silenciosamente en ella. Esto puede hacer que algunos programas hagan suposiciones incorrectas sobre el objetivo de get_headers () y posiblemente env\u00eden informaci\u00f3n a un servidor incorrecto."
}
],
"id": "CVE-2020-7066",
"lastModified": "2024-11-21T05:36:36.360",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security@php.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-01T04:15:14.020",
"references": [
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html"
},
{
"source": "security@php.net",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=79329"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200403-0001/"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4330-2/"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4717"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4719"
},
{
"source": "security@php.net",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=79329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200403-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4330-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-14"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-170"
}
],
"source": "security@php.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-08-25 14:22
Modified
2025-04-11 00:51
Severity ?
Summary
PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10) TSRM/tsrm_win32.c, and (11) the strtotime function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 1.0 | |
| php | php | 2.0 | |
| php | php | 2.0b10 | |
| php | php | 3.0 | |
| php | php | 3.0.1 | |
| php | php | 3.0.2 | |
| php | php | 3.0.3 | |
| php | php | 3.0.4 | |
| php | php | 3.0.5 | |
| php | php | 3.0.6 | |
| php | php | 3.0.7 | |
| php | php | 3.0.8 | |
| php | php | 3.0.9 | |
| php | php | 3.0.10 | |
| php | php | 3.0.11 | |
| php | php | 3.0.12 | |
| php | php | 3.0.13 | |
| php | php | 3.0.14 | |
| php | php | 3.0.15 | |
| php | php | 3.0.16 | |
| php | php | 3.0.17 | |
| php | php | 3.0.18 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 4.4.5 | |
| php | php | 4.4.6 | |
| php | php | 4.4.7 | |
| php | php | 4.4.8 | |
| php | php | 4.4.9 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 | |
| php | php | 5.2.2 | |
| php | php | 5.2.3 | |
| php | php | 5.2.4 | |
| php | php | 5.2.5 | |
| php | php | 5.2.6 | |
| php | php | 5.2.8 | |
| php | php | 5.2.9 | |
| php | php | 5.2.10 | |
| php | php | 5.2.11 | |
| php | php | 5.2.12 | |
| php | php | 5.2.13 | |
| php | php | 5.2.14 | |
| php | php | 5.3.0 | |
| php | php | 5.3.1 | |
| php | php | 5.3.2 | |
| php | php | 5.3.3 | |
| php | php | 5.3.4 | |
| php | php | 5.3.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01ECE592-FB2E-4614-A1B7-24C5B729BF6A",
"versionEndIncluding": "5.3.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92647629-083F-4042-8365-4AD2EBC9C1BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF72E8D5-9F8C-4BD4-9AA4-28E23CB48A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*",
"matchCriteriaId": "83BE1120-6370-4470-8586-6581EDF3FD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245C601D-0FE7-47E3-8304-6FF45E9567D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691BB8BB-329A-4640-B758-7590C99B5E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC4CCE-2774-463E-82EA-36CD442D3A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C478024C-2FCD-463F-A75E-E04660AA9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BD99C0-E875-496E-BE5E-A8DCBD414B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1851ADE5-C70C-46E0-941A-6ADF7DB5C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69DA3BA2-AF53-4C9D-93FA-0317841595B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67B59D6A-7EDA-4C34-81D6-C2557C85D164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBA40B6-8FDF-41AA-8166-F491FF7F3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E2B72-A428-4BB3-B6F8-0AF5E487A807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "945FF149-3446-4905-BCA1-C397E3497B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8E446DBD-FEFA-4D22-9C9D-51F61C01E414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8DE728-78E1-4F9F-BC56-CD9B10E61287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "80E31CC6-9356-4BB7-9F49-320AAF341E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB8AD3A-9181-459A-9AF2-B3FC6BAF6FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3E7199-8FB7-4930-9C0A-A36A698940B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2AF1D9-33B6-4B2C-9269-426B6B720164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84B70263-37AA-4539-A286-12038A3792C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E46E4B4-808C-4B47-81D9-EC2B02A5E57B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF30D7F-353B-4496-9A89-4EF2BB279E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DD97DF34-35AB-4979-96E2-B23DC8556A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "95D48A71-B84E-4B6C-9603-B3373052E568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F40E4A-E125-4099-A8B3-D42614AA9312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4933D9DD-A630-4A3D-9D13-9E182F5F6F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E6D530-91FC-42F4-A427-6601238E0187",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10) TSRM/tsrm_win32.c, and (11) the strtotime function."
},
{
"lang": "es",
"value": "PHP anterior a 5.3.7 no comprueba correctamente valores de retorno en las funciones malloc, calloc, y realloc, lo que permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (desreferenciar un puntero NULL y ca\u00edda de la aplicaci\u00f3n) o provocar un desbordamiento de b\u00fafer elevando la abilidad de proporcionar un valor de su elecci\u00f3n para un argumento de una funci\u00f3n, relacionado con (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10) TSRM/tsrm_win32.c, y (11) la funci\u00f3n strtotime."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/476.html \r\n\u0027CWE-476: NULL Pointer Dereference\u0027",
"id": "CVE-2011-3182",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-08-25T14:22:47.553",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=131373057621672\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/101"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5130"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:165"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/22/9"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/49249"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=131373057621672\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.openwall.com/lists/oss-security/2011/08/22/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/49249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69430"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-11-09 01:00
Modified
2025-04-11 00:51
Severity ?
Summary
fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 8.04 | |
| canonical | ubuntu_linux | 9.10 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 10.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "435EC709-4142-4D83-8C16-A4A2ECE9A8EB",
"versionEndExcluding": "5.2.15",
"versionStartIncluding": "5.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF283A4F-EF8A-4E0E-8590-67A5B45CB7B3",
"versionEndExcluding": "5.3.4",
"versionStartIncluding": "5.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*",
"matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename."
},
{
"lang": "es",
"value": "fopen_wrappers.c en PHP v5.3.x hasta v5.3.3 podr\u00eda permitir a atacantes remotos evitar las restricciones open_basedir a trav\u00e9s de vectores relativos a la longitud del nombre de usuario."
}
],
"id": "CVE-2010-3436",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-11-09T01:00:02.147",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/42729"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/42812"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security-tracker.debian.org/tracker/CVE-2010-3436"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.490619"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4581"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5002"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://svn.php.net/viewvc/php/php-src/trunk/main/fopen_wrappers.c?r1=303824\u0026r2=303823\u0026pathrev=303824"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://svn.php.net/viewvc?view=revision\u0026revision=303824"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:218"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.php.net/archive/2010.php#id2010-12-10-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.php.net/releases/5_2_15.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.php.net/releases/5_3_4.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/44723"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1042-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2010/3313"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2011/0077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/42729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/42812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security-tracker.debian.org/tracker/CVE-2010-3436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.490619"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT4581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://svn.php.net/viewvc/php/php-src/trunk/main/fopen_wrappers.c?r1=303824\u0026r2=303823\u0026pathrev=303824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://svn.php.net/viewvc?view=revision\u0026revision=303824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.php.net/archive/2010.php#id2010-12-10-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.php.net/releases/5_2_15.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.php.net/releases/5_3_4.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/44723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-1042-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2010/3313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2011/0077"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-01-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 4.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| mandrakesoft | mandrake_linux | 7.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the \u0027engine = off\u0027 option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts."
}
],
"id": "CVE-2001-1385",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-01-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000373"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=97957961212852"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2001/dsa-020"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/5939.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-013.php3"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-136.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/2205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=97957961212852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2001/dsa-020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/5939.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-013.php3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-136.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/2205"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-11-14 03:59
Modified
2025-04-12 10:46
Severity ?
Summary
PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vultures@jpcert.or.jp | http://jvn.jp/en/jp/JVN25323093/index.html | Vendor Advisory | |
| vultures@jpcert.or.jp | http://jvndb.jvn.jp/jvndb/JVNDB-2015-000180 | Vendor Advisory | |
| vultures@jpcert.or.jp | http://www.pwebmanager.org/ | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvn.jp/en/jp/JVN25323093/index.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvndb.jvn.jp/jvndb/JVNDB-2015-000180 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.pwebmanager.org/ | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pc-egg:pwebmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F687D9BB-BF64-4ECA-8503-C37BC55BC0F3",
"versionEndIncluding": "3.3.9a",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pc-egg:pwebmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "26BF4E5C-2F07-4BCC-A526-B08F6E7542C7",
"versionEndIncluding": "2.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2AF1D9-33B6-4B2C-9269-426B6B720164",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84B70263-37AA-4539-A286-12038A3792C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E46E4B4-808C-4B47-81D9-EC2B02A5E57B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF30D7F-353B-4496-9A89-4EF2BB279E0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DD97DF34-35AB-4979-96E2-B23DC8556A79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role."
},
{
"lang": "es",
"value": "PC-EGG pWebManager en versiones anteriores a 3.3.10 y en versiones anteriores a 2.2.2 para PHP 4.x permite a usuarios remotos autenticados ejecutar comandos del SO arbitrarios aprovechando el rol editor."
}
],
"id": "CVE-2015-7774",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-11-14T03:59:08.790",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN25323093/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000180"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.pwebmanager.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN25323093/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.pwebmanager.org/"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-07-10 14:29
Modified
2025-04-20 01:37
Severity ?
Summary
In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "399EA21A-9B46-4F4F-9A33-4DC557B11743",
"versionEndIncluding": "5.6.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c."
},
{
"lang": "es",
"value": "En PHP anterior a versi\u00f3n 5.6.31, una liberaci\u00f3n no v\u00e1lida en la deserializaci\u00f3n WDDX de par\u00e1metros booleanos podr\u00eda ser utilizada por atacantes capaces de inyectar XML para la deserializaci\u00f3n en el bloqueo del int\u00e9rprete PHP, relacionado con una liberaci\u00f3n no v\u00e1lida para un elemento booleano vac\u00edo en el archivo ext/wddx/wddx.c."
}
],
"id": "CVE-2017-11143",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-10T14:29:00.587",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2017/07/10/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/99553"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=74145"
},
{
"source": "cve@mitre.org",
"url": "https://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2aae60461c2ff7b7fbcdd194c789ac841d0747d7"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20180112-0001/"
},
{
"source": "cve@mitre.org",
"url": "https://www.debian.org/security/2018/dsa-4081"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/security/tns-2017-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://openwall.com/lists/oss-security/2017/07/10/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/99553"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=74145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.php.net/?p=php-src.git%3Ba=commit%3Bh=2aae60461c2ff7b7fbcdd194c789ac841d0747d7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20180112-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2018/dsa-4081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/tns-2017-12"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
},
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-29 21:29
Modified
2024-11-21 03:41
Severity ?
Summary
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| php | php | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| canonical | ubuntu_linux | 18.04 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| netapp | storage_automation_store | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AD0D220-7394-448F-8EAB-24621F5C2917",
"versionEndExcluding": "5.6.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C96ECA76-0F81-4900-A9ED-87E3F72CA615",
"versionEndExcluding": "7.0.30",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8665618B-29C9-4044-A72C-AD09B2F9C866",
"versionEndExcluding": "7.1.17",
"versionStartIncluding": "7.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7EDE3F51-E37C-42BF-821D-E31D5664329C",
"versionEndExcluding": "7.2.5",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7A6697-98CC-4E36-93DB-B7160F8399F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en ext/phar/phar_object.c en PHP en versiones anteriores a la 5.6.36, versiones 7.0.x anteriores a la 7.0.30, versiones 7.1.x anteriores a la 7.1.17 y versiones 7.2.x anteriores a la 7.2.5. Hay XSS reflejado en las p\u00e1gina de error 403 y 404 de PHAR mediante los datos de petici\u00f3n de una petici\u00f3n de un archivo .phar. NOTA: Esta vulnerabilidad existe debido a una soluci\u00f3n incompleta para CVE-2018-5712."
}
],
"id": "CVE-2018-10547",
"lastModified": "2024-11-21T03:41:32.410",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-29T21:29:00.400",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040807"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=76129"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180607-0003/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3646-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3646-2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4240"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2018-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040807"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=76129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180607-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3646-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3646-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2018-12"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-12-24 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 | |
| php | php | 5.2.2 | |
| php | php | 5.2.3 | |
| php | php | 5.2.4 | |
| php | php | 5.2.4 | |
| php | php | 5.2.5 | |
| php | php | 5.2.6 | |
| php | php | 5.2.7 | |
| php | php | 5.2.8 | |
| php | php | 5.2.9 | |
| php | php | 5.2.10 | |
| php | php | 5.2.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74041A08-9056-48CA-99EC-3427600DC90C",
"versionEndIncluding": "5.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7EED44-A15E-451F-BF5B-DB0BECA73C4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E3797AB5-9E49-4251-A212-B6E5D9996764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:windows:*:*:*:*:*",
"matchCriteriaId": "F526115E-A68E-4B10-AA6A-9CD26CB81AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences."
},
{
"lang": "es",
"value": "La funci\u00f3n deserializada (unserialize) en PHP 5.3.0 y anteriores permite a atacantes dependientes del contexto causar una denegaci\u00f3n de servicio (consumo de recursos) a trav\u00e9s una variables anidadas profundamente, como queda demostrada con una cadena inicializada con a:1: seguida de una larga secuencia {a:1: ."
}
],
"id": "CVE-2009-4418",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-12-24T17:30:00.233",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.suspekt.org/2009/11/28/shocking-news-in-php-exploitation/"
},
{
"source": "cve@mitre.org",
"url": "http://www.suspekt.org/downloads/POC2009-ShockingNewsInPHPExploitation.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.suspekt.org/2009/11/28/shocking-news-in-php-exploitation/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.suspekt.org/downloads/POC2009-ShockingNewsInPHPExploitation.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat does not consider this to be a security flaw. For further details, see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-4418",
"lastModified": "2010-01-04T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-26 03:29
Modified
2024-11-21 03:46
Severity ?
Summary
exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PHP exif_read_data function.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/104551 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://bugs.php.net/bug.php?id=76409 | Issue Tracking, Patch, Vendor Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20181109-0001/ | Third Party Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/3702-1/ | Third Party Advisory | |
| cve@mitre.org | https://usn.ubuntu.com/3702-2/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104551 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.php.net/bug.php?id=76409 | Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20181109-0001/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3702-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3702-2/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| canonical | ubuntu_linux | 18.04 | |
| netapp | storage_automation_store | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6891109-843A-4826-9392-874FFEA68D86",
"versionEndIncluding": "7.2.7",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7A6697-98CC-4E36-93DB-B7160F8399F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PHP exif_read_data function."
},
{
"lang": "es",
"value": "exif_read_from_impl en ext/exif/exif.c en PHP en versiones 7.2.x hasta la 7.2.7 permite que los atacantes desencadenen un uso de memoria previamente liberada (en exif_read_from_file) debido a que cierra un flujo que no es responsable del cierre. El c\u00f3digo vulnerable puede alcanzarse mediante la funci\u00f3n de PHP exif_read_data."
}
],
"id": "CVE-2018-12882",
"lastModified": "2024-11-21T03:46:02.080",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-26T03:29:00.210",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104551"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=76409"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181109-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3702-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3702-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=76409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181109-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3702-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3702-2/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-18 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fine_free_file_project | fine_free_file | * | |
| php | php | * | |
| php | php | * | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 6.0 | |
| debian | debian_linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fine_free_file_project:fine_free_file:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14E4DA46-13D2-45E6-83E2-E10C43DDCDF3",
"versionEndExcluding": "5.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2384D47-CED8-4884-8A17-A7FC132F696D",
"versionEndExcluding": "5.4.26",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ED3B2D-7952-49A4-A253-3B566A648E1D",
"versionEndExcluding": "5.5.10",
"versionStartIncluding": "5.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file."
},
{
"lang": "es",
"value": "Fine Free File anterior a 5.17 permite a atacantes dependientes de contexto causar una denegaci\u00f3n de servicio (recursi\u00f3n infinita, consumo de CPU y ca\u00edda) a trav\u00e9s de un valor manipulado de desplazamiento indirecto en el \"magic\" de un archivo."
}
],
"id": "CVE-2014-1943",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-18T19:55:04.377",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Tool Signature"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00034.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Tool Signature"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00037.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://mx.gw.com/pipermail/file/2014/001327.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://mx.gw.com/pipermail/file/2014/001330.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://mx.gw.com/pipermail/file/2014/001334.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://mx.gw.com/pipermail/file/2014/001337.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT6443"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2861"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2868"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2123-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2126-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/glensc/file/blob/FILE5_17/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Tool Signature"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Tool Signature"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://mx.gw.com/pipermail/file/2014/001327.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://mx.gw.com/pipermail/file/2014/001330.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://mx.gw.com/pipermail/file/2014/001334.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://mx.gw.com/pipermail/file/2014/001337.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT6443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2014/dsa-2868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2123-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2126-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/glensc/file/blob/FILE5_17/ChangeLog"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-19 00:15
Modified
2024-11-21 04:20
Severity ?
Summary
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56CFABDE-1BA0-42D1-B38E-A08F27B2BF16",
"versionEndExcluding": "7.1.30",
"versionStartIncluding": "7.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2537B4A2-025F-4641-AFCF-82E492378C12",
"versionEndExcluding": "7.2.19",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B91B8478-BF61-468E-A7CC-5F418DDF2EB6",
"versionEndExcluding": "7.3.6",
"versionStartIncluding": "7.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7EE4B6-A6EC-4B9B-91DF-79615796673F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash."
},
{
"lang": "es",
"value": "Cuando la extensi\u00f3n PHP EXIF ??est\u00e1 analizando la informaci\u00f3n EXIF ??de una imagen, por ejemplo. A trav\u00e9s de la funci\u00f3n exif_read_data (), en las versiones de PHP 7.1.x a continuaci\u00f3n de 7.1.30, 7.2.x a continuaci\u00f3n de 7.2.19 y 7.3.x a continuaci\u00f3n de 7.3.6, es posible suministrar datos que har\u00e1n que lea m\u00e1s all\u00e1 del b\u00fafer asignado . Esto puede llevar a la divulgaci\u00f3n de informaci\u00f3n o colisi\u00f3n."
}
],
"id": "CVE-2019-11040",
"lastModified": "2024-11-21T04:20:25.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5,
"source": "security@php.net",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-19T00:15:12.470",
"references": [
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00029.html"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3299"
},
{
"source": "security@php.net",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=77988"
},
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Sep/35"
},
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Sep/38"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4527"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=77988"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Sep/35"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Sep/38"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4529"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "security@php.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-01 04:15
Modified
2024-11-21 05:36
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
Summary
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 | |
| canonical | ubuntu_linux | 20.04 | |
| opensuse | leap | 15.1 | |
| tenable | tenable.sc | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A758E148-563D-4E04-A321-71FB7622314F",
"versionEndExcluding": "7.2.29",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF918F4-EEAF-4F96-A49A-D367D549C52B",
"versionEndExcluding": "7.3.16",
"versionStartIncluding": "7.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F809DF30-2CCC-4E3D-819B-75E5E0827E45",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41DBA7C7-8084-45F6-B59D-13A9022C34DF",
"versionEndExcluding": "5.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash."
},
{
"lang": "es",
"value": "En PHP versiones 7.2.x por debajo de 7.2.9, versiones 7.3.x por debajo de 7.3.16 y versiones 7.4.x por debajo de 7.4.4, al analizar datos EXIF ??con la funci\u00f3n exif_read_data(), es posible que unos datos maliciosos causen que PHP lea un byte de memoria no inicializada. Esto podr\u00eda potencialmente conllevar a una divulgaci\u00f3n de informaci\u00f3n o a un bloqueo"
}
],
"id": "CVE-2020-7064",
"lastModified": "2024-11-21T05:36:36.027",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "security@php.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-01T04:15:13.693",
"references": [
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html"
},
{
"source": "security@php.net",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=79282"
},
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200403-0001/"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4330-1/"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4330-2/"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4717"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4719"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"source": "security@php.net",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=79282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200403-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4330-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4330-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-14"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "security@php.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-30 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6773B830-647B-4DCA-ABAF-BCF414C4F07C",
"versionEndIncluding": "5.4.38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "840EE3AC-5293-4F33-9E2C-96A0A2534B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0FC407-96DB-425E-BB57-7A5BA839C37F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AC63A449-5D92-4F5F-8186-B58FFFBA54FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F18236F6-2065-4A6A-93E7-FD90E650C689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFBA84A-A4E4-438B-B9B5-8549809DCECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "146D3DC9-50F4-430B-B321-68ECE78879A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5A7CA6-7653-46C5-8DF7-95584BF7A879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A0EBC0-73C1-4640-90AD-4371D1C0D09F",
"versionEndIncluding": "10.6.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "06A4AE53-A477-4386-887C-4B7408575C23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A2286E-9D1C-4B56-8B40-150201B818AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF9BC68-7F0D-4DF9-9CD8-6CE9844555C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D35FAC77-A0DD-4AF9-AA9E-A4B170842D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "831B1114-7CA7-43E3-9A15-592218060A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B0A12E-E122-4189-A05E-4FEA43C19876",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en la funci\u00f3n process_nested_data en ext/standard/var_unserializer.re en PHP anterior a 5.4.39, 5.5.x anterior a 5.5.23, y 5.6.x anterior a 5.6.7 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una llamada no serializada manipulada que aprovecha el uso de la funci\u00f3n unset dentro de una funci\u00f3n __wakeup, un problema relacionado con CVE-2015-0231."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2015-2787",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-30T10:59:15.663",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1053.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/73431"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032485"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2572-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=68976"
},
{
"source": "cve@mitre.org",
"url": "https://gist.github.com/smalyshev/eea9eafc7c88a4a6d10d"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT205267"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/73431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2572-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=68976"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://gist.github.com/smalyshev/eea9eafc7c88a4a6d10d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT205267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/kb/HT205031"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-05-31 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F40E4A-E125-4099-A8B3-D42614AA9312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4933D9DD-A630-4A3D-9D13-9E182F5F6F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E6D530-91FC-42F4-A427-6601238E0187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC938DB-E066-407F-BDF8-61A1C41136F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n socket_connect en ext/sockets/sockets.c en PHP v5.3.3 a v5.3.6 podr\u00eda permitir a atacantes dependientes de contexto ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una ruta larga para un socket UNIX."
}
],
"id": "CVE-2011-1938",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-05-31T20:55:05.220",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/05/24/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/05/24/9"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/72644"
},
{
"source": "secalert@redhat.com",
"url": "http://securityreason.com/securityalert/8262"
},
{
"source": "secalert@redhat.com",
"url": "http://securityreason.com/securityalert/8294"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5130"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://svn.php.net/viewvc/php/php-src/trunk/ext/sockets/sockets.c?r1=311369\u0026r2=311368\u0026pathrev=311369"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://svn.php.net/viewvc?view=revision\u0026revision=311369"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2012/dsa-2399"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/17318/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:165"
},
{
"source": "secalert@redhat.com",
"url": "http://www.php.net/ChangeLog-5.php#5.3.7"
},
{
"source": "secalert@redhat.com",
"url": "http://www.php.net/archive/2011.php#id2011-08-18-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1423.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/49241"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/05/24/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/05/24/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/72644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://svn.php.net/viewvc/php/php-src/trunk/ext/sockets/sockets.c?r1=311369\u0026r2=311368\u0026pathrev=311369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://svn.php.net/viewvc?view=revision\u0026revision=311369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2399"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/17318/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php#5.3.7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/archive/2011.php#id2011-08-18-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1423.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/49241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67606"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-02 16:15
Modified
2025-03-20 17:01
Severity ?
6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| redhat | software_collections | - | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7897613-672B-40B3-8703-855F44666019",
"versionEndExcluding": "8.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*",
"matchCriteriaId": "749804DA-4B27-492A-9ABA-6BB562A6B3AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en PHP donde establecer la variable de entorno PHP_CLI_SERVER_WORKERS en un valor grande provoca un desbordamiento del b\u00fafer del heap."
}
],
"id": "CVE-2022-4900",
"lastModified": "2025-03-20T17:01:07.010",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-02T16:15:08.700",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2022-4900"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179880"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20231130-0008/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2022-4900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20231130-0008/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-07 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10C889AC-EEC6-4BD3-9302-628FB7DEF0CF",
"versionEndExcluding": "5.5.37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "610F5BCE-2990-470F-8B54-FD3AC222B70B",
"versionEndExcluding": "5.6.23",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3325587F-EF6F-46ED-B3D6-A7DE522AF10F",
"versionEndExcluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data."
},
{
"lang": "es",
"value": "spl_array.c en la extension SPL en PHP en versiones anteriores a 5.5.37 y 5.6.x en versiones anteriores a 5.6.23 interact\u00faa incorrectamente con la implementaci\u00f3n no serializada y la recolecci\u00f3n de basura, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (uso despu\u00e9s de liberaci\u00f3n y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de datos serializados manipulados."
}
],
"id": "CVE-2016-5771",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-07T10:59:19.167",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://github.com/php/php-src/commit/3f627e580acfdaf0595ae3b115b8bec677f203ee?w=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3618"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91401"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=72433"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT207170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://github.com/php/php-src/commit/3f627e580acfdaf0595ae3b115b8bec677f203ee?w=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=72433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT207170"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-09 20:15
Modified
2025-03-21 18:15
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
The openssl_private_decrypt function in PHP, when using PKCS1 padding (OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817 (rsa_pkcs1_implicit_rejection). These changes are part of OpenSSL 3.2 and have also been backported to stable versions of various Linux distributions, as well as to the PHP builds provided for Windows since the previous release. All distributors and builders should ensure that this version is used to prevent PHP from being vulnerable.
PHP Windows builds for the versions 8.1.29, 8.2.20 and 8.3.8 and above include OpenSSL patches that fix the vulnerability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DC2EEF8-834B-42A1-8DA3-0C2CF22A7070",
"versionEndExcluding": "8.1.29",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A39988FF-D854-4277-9D66-6911AF371DD3",
"versionEndExcluding": "8.2.20",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F579FFC1-4F81-4755-B14B-3AA73AC9FF7A",
"versionEndExcluding": "8.3.8",
"versionStartIncluding": "8.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The openssl_private_decrypt function in PHP, when using PKCS1 padding (OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817 (rsa_pkcs1_implicit_rejection). These changes are part of OpenSSL 3.2 and have also been backported to stable versions of various Linux distributions, as well as to the PHP builds provided for Windows since the previous release. All distributors and builders should ensure that this version is used to prevent PHP from being vulnerable.\n\nPHP Windows builds for the versions\u00a08.1.29,\u00a08.2.20 and\u00a08.3.8 and above include OpenSSL patches that fix the vulnerability."
},
{
"lang": "es",
"value": "La funci\u00f3n openssl_private_decrypt en PHP, cuando se usa el relleno PKCS1 (OPENSSL_PKCS1_PADDING, que es el valor predeterminado), es vulnerable al ataque Marvin a menos que se use con una versi\u00f3n de OpenSSL que incluya los cambios de esta solicitud de extracci\u00f3n: https://github.com/ openssl/openssl/pull/13817 (rsa_pkcs1_implicit_rejection). Estos cambios son parte de OpenSSL 3.2 y tambi\u00e9n se han adaptado a versiones estables de varias distribuciones de Linux, as\u00ed como a las compilaciones de PHP proporcionadas para Windows desde la versi\u00f3n anterior. Todos los distribuidores y constructores deben asegurarse de que esta versi\u00f3n se utilice para evitar que PHP sea vulnerable. Las compilaciones PHP de Windows para las versiones 8.1.29, 8.2.20 y 8.3.8 y superiores incluyen parches OpenSSL que corrigen la vulnerabilidad."
}
],
"id": "CVE-2024-2408",
"lastModified": "2025-03-21T18:15:32.457",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-06-09T20:15:09.270",
"references": [
{
"source": "security@php.net",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/security/advisories/GHSA-hh26-4ppw-5864"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"
},
{
"source": "security@php.net",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/security/advisories/GHSA-hh26-4ppw-5864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20250321-0008/"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-09-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF9839-3A11-4934-B956-B590261FDAFC",
"versionEndIncluding": "4.2.2",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openpkg:openpkg:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "85CCF640-211C-4EC0-9F41-68F5B39CA3F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6ADD463-E918-4F4D-9FA7-D109EBC98BD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands."
}
],
"id": "CVE-2002-0985",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-09-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000545"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103011916928204\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105760591228031\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-168"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2002_036_modphp4.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/2111"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-213.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-214.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-159.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103011916928204\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105760591228031\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2002/dsa-168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2002_036_modphp4.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/2111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-213.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-214.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-159.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9966"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-10 20:28
Modified
2025-04-09 00:30
Severity ?
Summary
PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and open_basedir restrictions via a malicious path and a null byte before a ";" in a session_save_path argument, followed by an allowed path, which causes a parsing inconsistency in which PHP validates the allowed path but sets session.save_path to the malicious path.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and open_basedir restrictions via a malicious path and a null byte before a \";\" in a session_save_path argument, followed by an allowed path, which causes a parsing inconsistency in which PHP validates the allowed path but sets session.save_path to the malicious path."
},
{
"lang": "es",
"value": "PHP 5.2.0 y 4.4 permite a usuarios locales evitar restricciones safe_mode y open_basedir a trav\u00e9s de una ruta maliciosa y un byte nulo anterior a \";\" en el argumento session_save_path, seguido por una ruta permitida, lo caul provoca una inconsistencia de validaci\u00f3n en el cual PHP valida la ruta permitida pero asigna session.save_path a la ruta maliciosa."
}
],
"id": "CVE-2006-6383",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-10T20:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://cvs.php.net/viewcvs.cgi/php-src/ext/session/session.c?r1=1.336.2.53.2.7\u0026r2=1.336.2.53.2.8"
},
{
"source": "cve@mitre.org",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24022"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24514"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/43"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2000"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:038"
},
{
"source": "cve@mitre.org",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/453938/30/9270/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/21508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvs.php.net/viewcvs.cgi/php-src/ext/session/session.c?r1=1.336.2.53.2.7\u0026r2=1.336.2.53.2.8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/43"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/453938/30/9270/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/21508"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "We do not consider these to be security issues. For more details see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1\nand http://www.php.net/security-note.php\n",
"lastModified": "2006-12-19T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-11-23 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 1.0 | |
| php | php | 2.0 | |
| php | php | 2.0b10 | |
| php | php | 3.0 | |
| php | php | 3.0.1 | |
| php | php | 3.0.2 | |
| php | php | 3.0.3 | |
| php | php | 3.0.4 | |
| php | php | 3.0.5 | |
| php | php | 3.0.6 | |
| php | php | 3.0.7 | |
| php | php | 3.0.8 | |
| php | php | 3.0.9 | |
| php | php | 3.0.10 | |
| php | php | 3.0.11 | |
| php | php | 3.0.12 | |
| php | php | 3.0.13 | |
| php | php | 3.0.14 | |
| php | php | 3.0.15 | |
| php | php | 3.0.16 | |
| php | php | 3.0.17 | |
| php | php | 3.0.18 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.7 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.2 | |
| php | php | 4.4.7 | |
| php | php | 4.4.8 | |
| php | php | 4.4.9 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.3 | |
| php | php | 5.1.1 | |
| php | php | 5.2.1 | |
| php | php | 5.2.5 | |
| php | php | 5.2.6 | |
| php | php | 5.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD586D6-585F-4259-B845-24D7057678F7",
"versionEndIncluding": "5.2.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92647629-083F-4042-8365-4AD2EBC9C1BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF72E8D5-9F8C-4BD4-9AA4-28E23CB48A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*",
"matchCriteriaId": "83BE1120-6370-4470-8586-6581EDF3FD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245C601D-0FE7-47E3-8304-6FF45E9567D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691BB8BB-329A-4640-B758-7590C99B5E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC4CCE-2774-463E-82EA-36CD442D3A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C478024C-2FCD-463F-A75E-E04660AA9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BD99C0-E875-496E-BE5E-A8DCBD414B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1851ADE5-C70C-46E0-941A-6ADF7DB5C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69DA3BA2-AF53-4C9D-93FA-0317841595B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67B59D6A-7EDA-4C34-81D6-C2557C85D164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBA40B6-8FDF-41AA-8166-F491FF7F3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E2B72-A428-4BB3-B6F8-0AF5E487A807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "945FF149-3446-4905-BCA1-C397E3497B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8E446DBD-FEFA-4D22-9C9D-51F61C01E414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8DE728-78E1-4F9F-BC56-CD9B10E61287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "80E31CC6-9356-4BB7-9F49-320AAF341E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB8AD3A-9181-459A-9AF2-B3FC6BAF6FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3E7199-8FB7-4930-9C0A-A36A698940B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E46E4B4-808C-4B47-81D9-EC2B02A5E57B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF30D7F-353B-4496-9A89-4EF2BB279E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DD97DF34-35AB-4979-96E2-B23DC8556A79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file."
},
{
"lang": "es",
"value": "La funci\u00f3n posix_mkfifo de ext/posix/posix.c de PHP v5.2.11 y anteriores, y v5.3.x anteriores a la v5.3.1, permite a atacantes dependiendo del contexto evitar las restricciones open_basedir, y crear ficheros FIFO, a trav\u00e9s de los argumentos \"pathname\" y \"mode\", como se ha demostrado creando un fichero .htaccess."
}
],
"evaluatorImpact": "Access Complexity selected medium according to the information from X-force link regarding enabling \"open_basedir\" option.\r\n\r\nhttp://xforce.iss.net/xforce/xfdb/53568\r\n\r\n\r\n",
"id": "CVE-2009-3558",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-11-23T17:30:00.530",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://news.php.net/php.announce/79"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37412"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/37821"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/securityalert/6600"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT4077"
},
{
"source": "secalert@redhat.com",
"url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/posix/posix.c?view=log"
},
{
"source": "secalert@redhat.com",
"url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/posix/posix.c?view=log"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://svn.php.net/viewvc?view=revision\u0026revision=288943"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:285"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:302"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:303"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/20/2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/20/3"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/20/5"
},
{
"source": "secalert@redhat.com",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "secalert@redhat.com",
"url": "http://www.php.net/releases/5_2_12.php"
},
{
"source": "secalert@redhat.com",
"url": "http://www.php.net/releases/5_3_1.php"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2009/3593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://news.php.net/php.announce/79"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37821"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/securityalert/6600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/posix/posix.c?view=log"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/posix/posix.c?view=log"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://svn.php.net/viewvc?view=revision\u0026revision=288943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:285"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/20/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/20/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2009/11/20/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/releases/5_2_12.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/releases/5_3_1.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/3593"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "We do not consider safe_mode / open_basedir restriction bypass issues being security sensitive. For more details see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1 and http://www.php.net/security-note.php",
"lastModified": "2009-11-24T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A0EBC0-73C1-4640-90AD-4371D1C0D09F",
"versionEndIncluding": "10.6.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "06A4AE53-A477-4386-887C-4B7408575C23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A2286E-9D1C-4B56-8B40-150201B818AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF9BC68-7F0D-4DF9-9CD8-6CE9844555C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D35FAC77-A0DD-4AF9-AA9E-A4B170842D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "831B1114-7CA7-43E3-9A15-592218060A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B0A12E-E122-4189-A05E-4FEA43C19876",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7A498A-A669-4C42-8134-86103C799D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
"matchCriteriaId": "104DA87B-DEE4-4262-AE50-8E6BC43B228B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1228E622-0524-4254-BA07-6EED39637EA4",
"versionEndIncluding": "5.4.39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AC63A449-5D92-4F5F-8186-B58FFFBA54FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F18236F6-2065-4A6A-93E7-FD90E650C689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFBA84A-A4E4-438B-B9B5-8549809DCECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "146D3DC9-50F4-430B-B321-68ECE78879A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5A7CA6-7653-46C5-8DF7-95584BF7A879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de buffer basado en pila en la funci\u00f3n phar_set_inode en phar_internal.h en PHP anterior a 5.4.40, 5.5.x anterior a 5.5.24, y 5.6.x anterior a 5.6.8 permiten a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un valor de longitud manipulado en un archivo (1) tar, (2) phar, o (3) ZIP."
}
],
"id": "CVE-2015-3329",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-09T18:59:02.537",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f59b67ae50064560d7bfcdb0d6a8ab284179053c"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/74240"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032145"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2572-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugs.php.net/bug.php?id=69441"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205267"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT205031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f59b67ae50064560d7bfcdb0d6a8ab284179053c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2572-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugs.php.net/bug.php?id=69441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT205031"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-01-18 20:00
Modified
2025-04-11 00:51
Severity ?
Summary
The iconv_mime_decode_headers function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam detection or have unspecified other impact, via a crafted Subject header in an e-mail message, as demonstrated by the ks_c_5601-1987 character set.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 1.0 | |
| php | php | 2.0 | |
| php | php | 2.0b10 | |
| php | php | 3.0 | |
| php | php | 3.0.1 | |
| php | php | 3.0.2 | |
| php | php | 3.0.3 | |
| php | php | 3.0.4 | |
| php | php | 3.0.5 | |
| php | php | 3.0.6 | |
| php | php | 3.0.7 | |
| php | php | 3.0.8 | |
| php | php | 3.0.9 | |
| php | php | 3.0.10 | |
| php | php | 3.0.11 | |
| php | php | 3.0.12 | |
| php | php | 3.0.13 | |
| php | php | 3.0.14 | |
| php | php | 3.0.15 | |
| php | php | 3.0.16 | |
| php | php | 3.0.17 | |
| php | php | 3.0.18 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 4.4.5 | |
| php | php | 4.4.6 | |
| php | php | 4.4.7 | |
| php | php | 4.4.8 | |
| php | php | 4.4.9 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 | |
| php | php | 5.2.2 | |
| php | php | 5.2.3 | |
| php | php | 5.2.4 | |
| php | php | 5.2.4 | |
| php | php | 5.2.5 | |
| php | php | 5.2.6 | |
| php | php | 5.2.7 | |
| php | php | 5.2.8 | |
| php | php | 5.2.9 | |
| php | php | 5.2.10 | |
| php | php | 5.2.11 | |
| php | php | 5.2.12 | |
| php | php | 5.2.13 | |
| php | php | 5.2.14 | |
| php | php | 5.2.15 | |
| php | php | 5.2.16 | |
| php | php | 5.2.17 | |
| php | php | 5.3.0 | |
| php | php | 5.3.1 | |
| php | php | 5.3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DBECF81-14F2-419F-9910-C86CA83328EB",
"versionEndIncluding": "5.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92647629-083F-4042-8365-4AD2EBC9C1BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF72E8D5-9F8C-4BD4-9AA4-28E23CB48A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*",
"matchCriteriaId": "83BE1120-6370-4470-8586-6581EDF3FD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245C601D-0FE7-47E3-8304-6FF45E9567D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691BB8BB-329A-4640-B758-7590C99B5E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC4CCE-2774-463E-82EA-36CD442D3A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C478024C-2FCD-463F-A75E-E04660AA9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BD99C0-E875-496E-BE5E-A8DCBD414B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1851ADE5-C70C-46E0-941A-6ADF7DB5C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69DA3BA2-AF53-4C9D-93FA-0317841595B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67B59D6A-7EDA-4C34-81D6-C2557C85D164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBA40B6-8FDF-41AA-8166-F491FF7F3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E2B72-A428-4BB3-B6F8-0AF5E487A807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "945FF149-3446-4905-BCA1-C397E3497B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8E446DBD-FEFA-4D22-9C9D-51F61C01E414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8DE728-78E1-4F9F-BC56-CD9B10E61287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "80E31CC6-9356-4BB7-9F49-320AAF341E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB8AD3A-9181-459A-9AF2-B3FC6BAF6FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3E7199-8FB7-4930-9C0A-A36A698940B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2AF1D9-33B6-4B2C-9269-426B6B720164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84B70263-37AA-4539-A286-12038A3792C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E46E4B4-808C-4B47-81D9-EC2B02A5E57B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF30D7F-353B-4496-9A89-4EF2BB279E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DD97DF34-35AB-4979-96E2-B23DC8556A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:windows:*:*:*:*:*",
"matchCriteriaId": "F526115E-A68E-4B10-AA6A-9CD26CB81AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "95D48A71-B84E-4B6C-9603-B3373052E568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CAAB7D55-F155-43F9-A563-F2E35CFFEF26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "72243A3F-6BFD-472B-9EA4-82BE4253ED27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "E415CC22-09CA-47D2-9F1A-0BCA8960835B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The iconv_mime_decode_headers function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam detection or have unspecified other impact, via a crafted Subject header in an e-mail message, as demonstrated by the ks_c_5601-1987 character set."
},
{
"lang": "es",
"value": "La funci\u00f3n iconv_mime_decode_headers en la extensi\u00f3n Iconv para PHP anterior a v5.3.4 no controla adecuadamente las codificaciones que no son reconocidas por las implementaciones iconv y mbstring (tambi\u00e9n conocido como cadena multibyte), lo que permite a atacantes remotos provocar una matriz de salida incompleta, y posiblemente evitar la detecci\u00f3n de spam o tener un impacto no especificado, a trav\u00e9s de una cabecera \"Asunto\" manipulada en un mensaje de correo electr\u00f3nico, como lo demuestra el conjunto de caracteres ks_c_5601-1987."
}
],
"id": "CVE-2010-4699",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-01-18T20:00:10.783",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.php.net/52941"
},
{
"source": "cve@mitre.org",
"url": "http://coding.derkeiler.com/Archive/PHP/php.general/2007-04/msg00605.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64963"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.php.net/52941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://coding.derkeiler.com/Archive/PHP/php.general/2007-04/msg00605.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64963"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12393"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-30 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nih | libzip | * | |
| php | php | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 | |
| php | php | 5.5.16 | |
| php | php | 5.5.17 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| debian | debian_linux | 7.0 | |
| fedoraproject | fedora | 22 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:nih:libzip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB30367-339D-48DB-98FA-92C4834F878A",
"versionEndIncluding": "0.11.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6773B830-647B-4DCA-ABAF-BCF414C4F07C",
"versionEndIncluding": "5.4.38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "840EE3AC-5293-4F33-9E2C-96A0A2534B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0FC407-96DB-425E-BB57-7A5BA839C37F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AC63A449-5D92-4F5F-8186-B58FFFBA54FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F18236F6-2065-4A6A-93E7-FD90E650C689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFBA84A-A4E4-438B-B9B5-8549809DCECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "146D3DC9-50F4-430B-B321-68ECE78879A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5A7CA6-7653-46C5-8DF7-95584BF7A879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en la funci\u00f3n _zip_cdir_new en zip_dirent.c en libzip 0.11.2 y anteriores, utilizado en la extensi\u00f3n ZIP en PHP anterior a 5.4.39, 5.5.x anterior a 5.5.23, y 5.6.x anterior a 5.6.7 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo ZIP que contiene muchas entradas, posteriormente conduciendo a un desbordamiento de buffer basado en memoria din\u00e1mica."
}
],
"id": "CVE-2015-2331",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-30T10:59:12.727",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://hg.nih.at/libzip/rev/9f11d54f692e"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154266.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154276.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154666.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155299.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155622.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153983.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00083.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=143403519711434\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=143403519711434\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3198"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:079"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1031985"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=69253"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/HT205267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://hg.nih.at/libzip/rev/9f11d54f692e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154266.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154276.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154666.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155299.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155622.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153983.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00083.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=143403519711434\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=143403519711434\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=69253"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT205267"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-03-31 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06 signature at an invalid location.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.6.11 | |
| php | php | 5.6.12 | |
| php | php | 5.6.13 | |
| php | php | 5.6.14 | |
| php | php | 5.6.15 | |
| php | php | 5.6.16 | |
| php | php | 5.6.17 | |
| php | php | 5.6.18 | |
| apple | mac_os_x | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2CD05C-85C1-41EA-87B3-5DF382481EDB",
"versionEndIncluding": "5.5.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE65D0D4-CB56-4946-AB44-2EF554602A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "725BBA4E-B3BA-4AFA-A284-E0CDE3EC8FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F7793408-66A2-4DE7-B5AA-E49E8A2EE043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "95840EC0-512D-468D-99B0-17E8CFDD6BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E1078D15-8073-4C04-82C2-3C8111E18B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2E5E0C-8DD7-4CF8-A7E7-28ED0FD8B0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6EE9E4-9D6E-4CCC-B116-6020DA6884BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40347FFA-6649-4B77-A252-728945507D43",
"versionEndIncluding": "10.11.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The phar_parse_zipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\\x05\\x06 signature at an invalid location."
},
{
"lang": "es",
"value": "La funci\u00f3n phar_parse_zipfile en zip.c en la extensi\u00f3n PHAR en PHP en versiones anteriores a 5.5.33 y 5.6.x en versiones anteriores a 5.6.19 permite a atacantes remotos obtener informaci\u00f3n sensible de la memoria de proceso o causar una denegaci\u00f3n de servicio (lectura fuera de rango y c\u00e1ida de aplicaci\u00f3n) colocando una firma PK\\x05\\x06 en una localizaci\u00f3n no v\u00e1lida."
}
],
"id": "CVE-2016-3142",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-03-31T16:59:01.210",
"references": [
{
"source": "security@opentext.com",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
},
{
"source": "security@opentext.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html"
},
{
"source": "security@opentext.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html"
},
{
"source": "security@opentext.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html"
},
{
"source": "security@opentext.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html"
},
{
"source": "security@opentext.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "security@opentext.com",
"url": "http://www.securitytracker.com/id/1035255"
},
{
"source": "security@opentext.com",
"url": "http://www.ubuntu.com/usn/USN-2952-1"
},
{
"source": "security@opentext.com",
"url": "http://www.ubuntu.com/usn/USN-2952-2"
},
{
"source": "security@opentext.com",
"url": "https://bugs.php.net/bug.php?id=71498"
},
{
"source": "security@opentext.com",
"url": "https://git.php.net/?p=php-src.git%3Ba=commit%3Bh=a6fdc5bb27b20d889de0cd29318b3968aabb57bd"
},
{
"source": "security@opentext.com",
"url": "https://php.net/ChangeLog-5.php"
},
{
"source": "security@opentext.com",
"url": "https://support.apple.com/HT206567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2952-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2952-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.php.net/bug.php?id=71498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.php.net/?p=php-src.git%3Ba=commit%3Bh=a6fdc5bb27b20d889de0cd29318b3968aabb57bd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT206567"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-08-19 05:24
Modified
2025-04-09 00:30
Severity ?
Summary
PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the (1) exec, (2) system, (3) shell_exec, (4) passthru, or (5) popen functions, possibly involving pathnames such as "C:" drive notation.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the (1) exec, (2) system, (3) shell_exec, (4) passthru, or (5) popen functions, possibly involving pathnames such as \"C:\" drive notation."
},
{
"lang": "es",
"value": "PHP v.5.2.5 no respeta las restricciones de ciertas funciones(a) open_basedir y(b) safe_mode_exec_dir, que pueden permitir a usuarios locales saltarse las restricciones de acceso previstas y las llamadas a programas externas del directorio previsto a trav\u00e9s de las funciones (1) exec, (2) system, (3) shell_exec, (4) passthru, o(5) popen , probablemente relacionados con nombres de ruta como \"C:\" notaci\u00f3n unidad."
}
],
"id": "CVE-2008-7002",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-08-19T05:24:52.907",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/31064.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/31064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/31064.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/31064"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "This is not a security issue. For further details, see: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-7002#c7",
"lastModified": "2009-09-02T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-02-13 23:28
Modified
2025-04-09 00:30
Severity ?
Summary
PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 3.0 | |
| php | php | 3.0.1 | |
| php | php | 3.0.2 | |
| php | php | 3.0.3 | |
| php | php | 3.0.4 | |
| php | php | 3.0.5 | |
| php | php | 3.0.6 | |
| php | php | 3.0.7 | |
| php | php | 3.0.8 | |
| php | php | 3.0.9 | |
| php | php | 3.0.10 | |
| php | php | 3.0.11 | |
| php | php | 3.0.12 | |
| php | php | 3.0.13 | |
| php | php | 3.0.14 | |
| php | php | 3.0.15 | |
| php | php | 3.0.16 | |
| php | php | 3.0.17 | |
| php | php | 3.0.18 | |
| php | php | 4.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| trustix | secure_linux | 2.2 | |
| trustix | secure_linux | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245C601D-0FE7-47E3-8304-6FF45E9567D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691BB8BB-329A-4640-B758-7590C99B5E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC4CCE-2774-463E-82EA-36CD442D3A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C478024C-2FCD-463F-A75E-E04660AA9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BD99C0-E875-496E-BE5E-A8DCBD414B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1851ADE5-C70C-46E0-941A-6ADF7DB5C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69DA3BA2-AF53-4C9D-93FA-0317841595B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67B59D6A-7EDA-4C34-81D6-C2557C85D164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBA40B6-8FDF-41AA-8166-F491FF7F3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E2B72-A428-4BB3-B6F8-0AF5E487A807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "945FF149-3446-4905-BCA1-C397E3497B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8E446DBD-FEFA-4D22-9C9D-51F61C01E414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8DE728-78E1-4F9F-BC56-CD9B10E61287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "80E31CC6-9356-4BB7-9F49-320AAF341E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB8AD3A-9181-459A-9AF2-B3FC6BAF6FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3E7199-8FB7-4930-9C0A-A36A698940B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "419867C6-37BE-43B4-BFE0-6325FEE3807D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "37896E87-95C2-4039-8362-BC03B1C56706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8667FBC6-04B6-40E5-93B3-6C22BEED4B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC6A6F47-5C7C-4F82-B23B-9C959C69B27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE1A4DA6-6181-43A8-B0D8-5A016C3E75FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6E36203C-1392-49BB-AE7E-49626963D673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2:*:dev:*:*:*:*:*",
"matchCriteriaId": "BBA861A2-F0CD-4DBB-B43A-4970EB114DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E3797AB5-9E49-4251-A212-B6E5D9996764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383."
},
{
"lang": "es",
"value": "PHP anterior a 5.2.1 permite a atacantes remotos evitar las restricciones safe_mode y open_basedir mediante vectores no especificados en la extensi\u00f3n de sesi\u00f3n. NOTAL: es posible que este asunto sea un duplicado de CVE-2006-6383."
}
],
"id": "CVE-2007-0905",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-13T23:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/32768"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24089"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24419"
},
{
"source": "cve@mitre.org",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/ChangeLog-5.php#5.2.1"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/releases/5_2_1.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/22496"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2007/0009/"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/32768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php#5.2.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/releases/5_2_1.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/22496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2007/0009/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0546"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "We do not consider these to be security issues. For more details see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1\nand http://www.php.net/security-note.php",
"lastModified": "2008-04-02T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-12 20:17
Modified
2025-04-09 00:30
Severity ?
Summary
PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the out_charset parameter to the iconv function; or a long string in the charset parameter to the (2) iconv_mime_decode_headers, (3) iconv_mime_decode, or (4) iconv_strlen function. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B6B1C7-B7B8-495E-9FE5-FF39718DC64E",
"versionEndIncluding": "5.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the out_charset parameter to the iconv function; or a long string in the charset parameter to the (2) iconv_mime_decode_headers, (3) iconv_mime_decode, or (4) iconv_strlen function. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution."
},
{
"lang": "es",
"value": "PHP 5.2.4 y anteriores permite a usuarios locales o remotos dependiendo del contexto provocar una denegaci\u00f3n de serviciO (ca\u00edda de aplicaci\u00f3n) mediante (1) una cadena larga en el par\u00e1metro out_charset para la funci\u00f3n iconf; o una cadena larga en el par\u00e1metro charset para las funciones (2) iconv_mime_decode_headers, (3) iconv_mime_decode, o (4) iconf_strlen. NOTA: esto no podr\u00edan ser una vulnerabilidad en la mayor\u00eda de los entornos de servidor web que soportan m\u00faltiples hilos, a no ser que se pueda demostrar que estos problemas permiten ejecuci\u00f3n de c\u00f3digo."
}
],
"id": "CVE-2007-4840",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-12T20:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/38916"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27102"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27659"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28658"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30040"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3122"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/478730/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-1943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/38916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/478730/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1943"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "We do not consider this to be a security issue. For more information please see\nhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1\nand http://www.php.net/security-note.php",
"lastModified": "2007-09-13T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-11-01 12:47
Modified
2025-04-03 01:03
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "419867C6-37BE-43B4-BFE0-6325FEE3807D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "37896E87-95C2-4039-8362-BC03B1C56706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8667FBC6-04B6-40E5-93B3-6C22BEED4B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC6A6F47-5C7C-4F82-B23B-9C959C69B27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE1A4DA6-6181-43A8-B0D8-5A016C3E75FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6E36203C-1392-49BB-AE7E-49626963D673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2:*:dev:*:*:*:*:*",
"matchCriteriaId": "BBA861A2-F0CD-4DBB-B43A-4970EB114DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a \"stacked array assignment.\""
}
],
"id": "CVE-2005-3388",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-01T12:47:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
},
{
"source": "cve@mitre.org",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0549.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17371"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17490"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17510"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17531"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17557"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17559"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18198"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18669"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/21252"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22691"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/133"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015130"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-037.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.hardened-php.net/advisory_182005.77.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:213"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_27_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.php.net/release_4_4_1.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-831.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-838.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/415292"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/15248"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/2254"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4320"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PIRZJHM6UDNWNHZ3PCMEZ2YUK3CWY2UE/"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10542"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-232-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0549.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17557"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17559"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/21252"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-037.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.hardened-php.net/advisory_182005.77.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_27_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.php.net/release_4_4_1.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-831.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-838.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/415292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/15248"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/2254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4320"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PIRZJHM6UDNWNHZ3PCMEZ2YUK3CWY2UE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-232-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-22 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.6.11 | |
| php | php | 5.6.12 | |
| php | php | 5.6.13 | |
| php | php | 5.6.14 | |
| php | php | 5.6.15 | |
| php | php | 5.6.16 | |
| php | php | 5.6.17 | |
| php | php | 5.6.18 | |
| php | php | 5.6.19 | |
| php | php | 5.6.20 | |
| php | php | 7.0.0 | |
| php | php | 7.0.1 | |
| php | php | 7.0.2 | |
| php | php | 7.0.3 | |
| php | php | 7.0.4 | |
| php | php | 7.0.5 | |
| opensuse | leap | 42.1 | |
| fedoraproject | fedora | 24 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96334260-684E-43BA-A088-0EF6800075A6",
"versionEndIncluding": "5.5.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE65D0D4-CB56-4946-AB44-2EF554602A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "725BBA4E-B3BA-4AFA-A284-E0CDE3EC8FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F7793408-66A2-4DE7-B5AA-E49E8A2EE043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "95840EC0-512D-468D-99B0-17E8CFDD6BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E1078D15-8073-4C04-82C2-3C8111E18B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2E5E0C-8DD7-4CF8-A7E7-28ED0FD8B0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6EE9E4-9D6E-4CCC-B116-6020DA6884BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A23E37-8B94-440A-8014-389AC5389A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5E20AF-724B-4DBD-9AED-920375666B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*",
"matchCriteriaId": "C729D5D1-ED95-443A-9F53-5D7C2FD9B80C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call."
},
{
"lang": "es",
"value": "La funci\u00f3n bcpowmod en ext/bcmath/bcmath.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 acepta un entero negativo para el argumento escala, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado a trav\u00e9s de una llamada manipulada."
}
],
"id": "CVE-2016-4537",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-22T01:59:21.963",
"references": [
{
"source": "security@debian.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html"
},
{
"source": "security@debian.org",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "security@debian.org",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "security@debian.org",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "security@debian.org",
"url": "http://www.debian.org/security/2016/dsa-3602"
},
{
"source": "security@debian.org",
"url": "http://www.openwall.com/lists/oss-security/2016/05/05/21"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/90173"
},
{
"source": "security@debian.org",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=72093"
},
{
"source": "security@debian.org",
"url": "https://git.php.net/?p=php-src.git%3Ba=commit%3Bh=d650063a0457aec56364e4005a636dc6c401f9cd"
},
{
"source": "security@debian.org",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "security@debian.org",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"source": "security@debian.org",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "security@debian.org",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/05/05/21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=72093"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.php.net/?p=php-src.git%3Ba=commit%3Bh=d650063a0457aec56364e4005a636dc6c401f9cd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201611-22"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-05 00:17
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CDA10FE-C930-4399-A0AE-1C9A6D547FB9",
"versionEndIncluding": "5.2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an \"Improved fix for MOPB-03-2007,\" probably a variant of CVE-2007-1285."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en PHP anterior a 5.2.4 tiene un impacto desconocido y vectores de ataque, relacionado con un \"parche de mejora para MOPB-03-2007,\" probablemente una variante de CVE-2007-1285."
}
],
"id": "CVE-2007-4670",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-05T00:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0889.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26822"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26838"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26871"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26895"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26930"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26967"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27102"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27351"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27377"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27545"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27864"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/ChangeLog-5.php#5.2.4"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/releases/5_2_4.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0888.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0890.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0891.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-549-2"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-1693"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-1702"
},
{
"source": "cve@mitre.org",
"url": "https://launchpad.net/bugs/173043"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11028"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/549-1/"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0889.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26895"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26930"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26967"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php#5.2.4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/releases/5_2_4.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0888.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0890.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0891.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-549-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1702"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://launchpad.net/bugs/173043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/549-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-15 17:15
Modified
2024-11-21 02:35
Severity ?
Summary
The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edition (CE) before 1.9.2.1 and Enterprise Edition (EE) before 1.14.2.1, when used with PHP before 5.4.24 or 5.5.8, allows remote authenticated users to execute arbitrary PHP code via the productData parameter to index.php/api/v2_soap.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:magento:magento:*:*:*:*:community:*:*:*",
"matchCriteriaId": "3477C30C-8E29-40BA-B476-97B8F38F12EB",
"versionEndExcluding": "1.9.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:magento:magento:*:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "32B8D340-3A4B-4DAE-A8C6-75B92C31EC07",
"versionEndExcluding": "1.14.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "527F2580-90ED-48D4-8216-6A3C0FCA6AC0",
"versionEndExcluding": "5.4.24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA489F21-F012-4394-908A-5D912078FC13",
"versionEndExcluding": "5.5.8",
"versionStartIncluding": "5.4.25",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edition (CE) before 1.9.2.1 and Enterprise Edition (EE) before 1.14.2.1, when used with PHP before 5.4.24 or 5.5.8, allows remote authenticated users to execute arbitrary PHP code via the productData parameter to index.php/api/v2_soap."
},
{
"lang": "es",
"value": "La funci\u00f3n create en el archivo app/code/core/Mage/Catalog/Model/Product/Api/V2.php en Magento Community Edition (CE) versiones anteriores a 1.9.2.1 y Enterprise Edition (EE) versiones anteriores a 1.14.2.1, cuando es usado con PHP versiones anteriores a 5.4.24 o 5.5.8, permite a usuarios autenticados remotos ejecutar c\u00f3digo PHP arbitrario por medio del par\u00e1metro productData en index.php/api/v2_soap."
}
],
"id": "CVE-2015-6497",
"lastModified": "2024-11-21T02:35:05.090",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-15T17:15:13.597",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.mindedsecurity.com/2015/09/autoloaded-file-inclusion-in-magento.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://karmainsecurity.com/KIS-2015-04"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://magento.com/security/patches/supee-6482"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/133544/Magento-1.9.2-File-Inclusion.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/Sep/48"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://blog.mindedsecurity.com/2015/09/autoloaded-file-inclusion-in-magento.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://karmainsecurity.com/KIS-2015-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://magento.com/security/patches/supee-6482"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/133544/Magento-1.9.2-File-Inclusion.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2015/Sep/48"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-02-22 23:29
Modified
2024-11-21 04:50
Severity ?
Summary
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| php | php | * | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| netapp | storage_automation_store | - | |
| opensuse | leap | 42.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95DE8FCE-DE35-4F6B-BF8A-548A7D92E718",
"versionEndExcluding": "5.6.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "761D6FA2-48EF-4A41-AD56-B147405FA66C",
"versionEndExcluding": "7.1.26",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36BCA6E4-9A35-4F14-8C12-38F4BBCBF3AF",
"versionEndExcluding": "7.2.14",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEDB82E2-4A4D-40F0-9A09-0A36522CE2D9",
"versionEndExcluding": "7.3.1",
"versionStartIncluding": "7.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7A6697-98CC-4E36-93DB-B7160F8399F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en PHP en versiones anteriores a la 5.6.40, versiones 7.x anteriores a la 7.1.26, versiones 7.2.x anteriores a la 7.2.14 y versiones 7.3.x anteriores a la 7.3.1. xmlrpc_decode() puede permitir que un servidor XMLRPC hostil provoque que la memoria PHP lea memoria m\u00e1s all\u00e1 de las \u00e1reas asignadas en base64_decode_xmlrpc en ext/xmlrpc/libxmlrpc/base64.c."
}
],
"id": "CVE-2019-9024",
"lastModified": "2024-11-21T04:50:50.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-02-22T23:29:00.627",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107156"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:3299"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=77380"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190321-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3902-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3902-2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:3299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=77380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190321-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3902-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3902-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4398"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-01-04 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245C601D-0FE7-47E3-8304-6FF45E9567D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691BB8BB-329A-4640-B758-7590C99B5E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC4CCE-2774-463E-82EA-36CD442D3A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C478024C-2FCD-463F-A75E-E04660AA9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BD99C0-E875-496E-BE5E-A8DCBD414B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1851ADE5-C70C-46E0-941A-6ADF7DB5C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69DA3BA2-AF53-4C9D-93FA-0317841595B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67B59D6A-7EDA-4C34-81D6-C2557C85D164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBA40B6-8FDF-41AA-8166-F491FF7F3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E2B72-A428-4BB3-B6F8-0AF5E487A807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "945FF149-3446-4905-BCA1-C397E3497B58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands."
}
],
"id": "CVE-2000-0059",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-01-04T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/911"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-18 11:55
Modified
2025-04-11 00:51
Severity ?
Summary
ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x dimension value, a different vulnerability than CVE-2013-7226.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31C95DB8-99A7-4318-AFB5-C9C9C77430AC",
"versionEndIncluding": "5.5.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x dimension value, a different vulnerability than CVE-2013-7226."
},
{
"lang": "es",
"value": "ext/gd/gd.c en PHP 5.5.x anterior a 5.5.9 no comprueba tipos de datos, lo que podr\u00eda permitir a atacantes remotos obtener informaci\u00f3n sensible mediante el uso de (1) una cadena o (2) un tipo de dato array en lugar de un tipo de dato num\u00e9rico, tal y como se demostr\u00f3 mediante la llamada de la funci\u00f3n imagecrop con una cadena para el valor de dimensi\u00f3n x, una vulnerabilidad diferente a CVE-2013-7226."
}
],
"id": "CVE-2014-2020",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-18T11:55:17.057",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2126-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=66356"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/php/php-src/commit/2938329ce19cb8c4197dec146c3ec887c6f61d01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2126-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=66356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/php/php-src/commit/2938329ce19cb8c4197dec146c3ec887c6f61d01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-03-30 06:15
Modified
2025-07-02 20:17
Severity ?
Summary
In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@php.net | https://github.com/php/php-src/security/advisories/GHSA-52jp-hrpf-2jff | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20250523-0005/ | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE6E1B68-3EB9-4C67-97A6-226EA02CC2EA",
"versionEndExcluding": "8.1.31",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C160D91A-CF97-4DD1-A34F-8B8C852B3CEC",
"versionEndExcluding": "8.2.26",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35B1BA7F-0EAE-4F40-ACA4-EBC5D63F609A",
"versionEndExcluding": "8.3.14",
"versionStartIncluding": "8.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC94B1EC-530A-4A25-9BCD-DAC5F52F6813",
"versionEndExcluding": "8.4.5",
"versionStartIncluding": "8.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*",
"matchCriteriaId": "A20333EE-4C13-426E-8B54-D78679D5DDB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location."
},
{
"lang": "es",
"value": "En PHP desde 8.1.* antes de 8.1.32, desde 8.2.* antes de 8.2.28, desde 8.3.* antes de 8.3.19, desde 8.4.* antes de 8.4.5, al analizar la redirecci\u00f3n HTTP en la respuesta a una solicitud HTTP, actualmente hay un l\u00edmite en el tama\u00f1o del valor de ubicaci\u00f3n debido al tama\u00f1o limitado del b\u00fafer de ubicaci\u00f3n a 1024. Sin embargo, seg\u00fan RFC9110, se recomienda que el l\u00edmite sea 8000. Esto puede provocar un truncamiento incorrecto de la URL y la redirecci\u00f3n a una ubicaci\u00f3n incorrecta."
}
],
"id": "CVE-2025-1861",
"lastModified": "2025-07-02T20:17:38.193",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security@php.net",
"type": "Secondary"
}
]
},
"published": "2025-03-30T06:15:14.957",
"references": [
{
"source": "security@php.net",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/php/php-src/security/advisories/GHSA-52jp-hrpf-2jff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20250523-0005/"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-131"
}
],
"source": "security@php.net",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-16 09:29
Modified
2024-11-21 04:09
Severity ?
Summary
An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| php | php | 7.2.0 | |
| debian | debian_linux | 7.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41A22DA0-EE98-49B2-B8E7-40F56E626501",
"versionEndIncluding": "5.6.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9164AFA9-D1F7-4C0F-BE46-D0509C193618",
"versionEndIncluding": "7.0.26",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1C4486-6DC7-4F3D-839D-69826E9BA767",
"versionEndIncluding": "7.1.12",
"versionStartExcluding": "7.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23D5409A-2C95-4696-8C66-AF69A5500FAF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en PHP en versiones anteriores a la 5.6.33, versiones 7.0.x anteriores a la 7.0.27, versiones 7.1.x anteriores a la 7.1.13 y versiones 7.2.x anteriores a la 7.2.1. Hay XSS reflejado en la p\u00e1gina de error PHAR 404 mediante el URI de una petici\u00f3n de un archivo .phar."
}
],
"id": "CVE-2018-5712",
"lastModified": "2024-11-21T04:09:13.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-16T09:29:00.623",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102742"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104020"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040363"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=74782"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00025.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3566-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3600-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3600-2/"
},
{
"source": "cve@mitre.org",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=74782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3566-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3600-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3600-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-12-02 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pcre | perl_compatible_regular_expression_library | * | |
| fedoraproject | fedora | 22 | |
| php | php | * | |
| php | php | * | |
| php | php | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pcre:perl_compatible_regular_expression_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22A2867E-F109-44E6-8E01-A7010D5B6FDA",
"versionEndIncluding": "8.37",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B055DFDD-2D3F-40CD-A62E-1D9B1C005771",
"versionEndExcluding": "5.5.32",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04060332-EC2C-4281-A627-8FBDCEB79154",
"versionEndExcluding": "5.6.18",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A20A620-CDCF-4496-86E9-1ECA1A3C665E",
"versionEndExcluding": "7.0.3",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PCRE before 8.38 mishandles the [: and \\\\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror."
},
{
"lang": "es",
"value": "PCRE en versiones anteriores a 8.38 no maneja correctamente las subcadenas [: and \\\\ en clases car\u00e1cter, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (lectura de memoria no inicializada) o posiblemente tener otro impacto no especificado a trav\u00e9s de una expresi\u00f3n regular manipulada, seg\u00fan lo demostrado por un objeto JavaScript RegExp encontrado por Konqueror."
}
],
"id": "CVE-2015-8390",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2015-12-02T01:59:14.370",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/11/29/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/82990"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://bto.bluecoat.com/security-advisory/sa128"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201607-02"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20230216-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174931.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/11/29/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/82990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://bto.bluecoat.com/security-advisory/sa128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201607-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20230216-0002/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-06-08 00:30
Modified
2025-04-11 00:51
Severity ?
Summary
The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature."
},
{
"lang": "es",
"value": "Las funciones (1) trim, (2) ltrim, (3) rtrim, y (4) substr_replace en PHP v5.2 a v5.2.13 y v5.3 a v5.3.2 permiten obtener a atacantes informaci\u00f3n sensible variable en funci\u00f3n del contexto (el contenido de la memoria) provocando una interrupci\u00f3n del espacio de usuario de una funci\u00f3n interna, relacionado con la llamada por referencia de la funcionalidad \"time pass\"."
}
],
"id": "CVE-2010-2190",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-06-08T00:30:01.820",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.php-security.org/2010/05/30/mops-2010-047-php-trimltrimrtrim-interruption-information-leak-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.php-security.org/2010/05/30/mops-2010-048-php-substr_replace-interruption-information-leak-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.php-security.org/2010/05/30/mops-2010-047-php-trimltrimrtrim-interruption-information-leak-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.php-security.org/2010/05/30/mops-2010-048-php-substr_replace-interruption-information-leak-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59220"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-07 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.6.11 | |
| php | php | 5.6.12 | |
| php | php | 5.6.13 | |
| php | php | 5.6.14 | |
| php | php | 5.6.15 | |
| php | php | 5.6.16 | |
| php | php | 5.6.17 | |
| php | php | 5.6.18 | |
| php | php | 5.6.19 | |
| php | php | 5.6.20 | |
| php | php | 5.6.21 | |
| php | php | 7.0.0 | |
| php | php | 7.0.1 | |
| php | php | 7.0.2 | |
| php | php | 7.0.3 | |
| php | php | 7.0.4 | |
| php | php | 7.0.5 | |
| php | php | 7.0.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "664B217B-9913-4A60-ACDA-1C5F5F4861A7",
"versionEndIncluding": "5.5.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "725BBA4E-B3BA-4AFA-A284-E0CDE3EC8FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F7793408-66A2-4DE7-B5AA-E49E8A2EE043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "95840EC0-512D-468D-99B0-17E8CFDD6BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E1078D15-8073-4C04-82C2-3C8111E18B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2E5E0C-8DD7-4CF8-A7E7-28ED0FD8B0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6EE9E4-9D6E-4CCC-B116-6020DA6884BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A23E37-8B94-440A-8014-389AC5389A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5E20AF-724B-4DBD-9AED-920375666B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "FD008BBB-10C9-48E2-97B8-6B86B54FD48E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C2D8FE-C380-4B43-B634-A3DBA4700A71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a \u0027\\0\u0027 character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call."
},
{
"lang": "es",
"value": "La funci\u00f3n get_icu_value_internal en ext/intl/locale/locale_methods.c en PHP en versiones anteriores a 5.5.36, 5.6.x en versiones anteriores a 5.6.22 y 7.x en versiones anteriores a 7.0.7 no asegura la presencia de un car\u00e1cter \u0027\\0\u0027, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a trav\u00e9s de una llamada locale_get_primary_language manipulada."
}
],
"id": "CVE-2016-5093",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-07T10:59:06.180",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Release Notes"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Release Notes"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3602"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/3"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/90946"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=72241"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/php/php-src/commit/97eff7eb57fc2320c267a949cffd622c38712484?w=1"
},
{
"source": "cve@mitre.org",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Release Notes"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Release Notes"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=72241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/php/php-src/commit/97eff7eb57fc2320c267a949cffd622c38712484?w=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a "type confusion" issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_hpc_node | 7.0 | |
| redhat | enterprise_linux_hpc_node_eus | 7.1 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_eus | 7.1 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| php | php | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7883E465-932D-4C11-AA54-97E44181F906",
"versionEndIncluding": "10.10.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6773B830-647B-4DCA-ABAF-BCF414C4F07C",
"versionEndIncluding": "5.4.38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AC63A449-5D92-4F5F-8186-B58FFFBA54FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F18236F6-2065-4A6A-93E7-FD90E650C689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFBA84A-A4E4-438B-B9B5-8549809DCECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "146D3DC9-50F4-430B-B321-68ECE78879A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5A7CA6-7653-46C5-8DF7-95584BF7A879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a \"type confusion\" issue."
},
{
"lang": "es",
"value": "La funci\u00f3n do_soap_call en ext/soap/soap.c en PHP anterior a 5.4.39, 5.5.x anterior a 5.5.23, y 5.6.x anterior a 5.6.7 no verifica que la propiedad uri es una cadena, lo que permite a atacantes remotos obtener informaci\u00f3n sensible mediante la provisi\u00f3n de datos serializados manipulados con un tipo de datos int, relacionados con un problema de \u0027confusi\u00f3n de tipo\u0027."
}
],
"id": "CVE-2015-4148",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-09T18:59:10.487",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00028.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://openwall.com/lists/oss-security/2015/06/01/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1053.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75103"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032459"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugs.php.net/bug.php?id=69085"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/kb/HT205031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://openwall.com/lists/oss-security/2015/06/01/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugs.php.net/bug.php?id=69085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT205031"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-11-01 12:47
Modified
2025-04-03 01:03
Severity ?
Summary
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "419867C6-37BE-43B4-BFE0-6325FEE3807D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "37896E87-95C2-4039-8362-BC03B1C56706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8667FBC6-04B6-40E5-93B3-6C22BEED4B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC6A6F47-5C7C-4F82-B23B-9C959C69B27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE1A4DA6-6181-43A8-B0D8-5A016C3E75FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6E36203C-1392-49BB-AE7E-49626963D673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2:*:dev:*:*:*:*:*",
"matchCriteriaId": "BBA861A2-F0CD-4DBB-B43A-4970EB114DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected."
}
],
"id": "CVE-2005-3389",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-01T12:47:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
},
{
"source": "cve@mitre.org",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0549.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17371"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17490"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17510"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17531"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17557"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17559"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18054"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18198"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18669"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21252"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22691"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/134"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015131"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-037.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.hardened-php.net/advisory_192005.78.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:213"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_27_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.php.net/release_4_4_1.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-831.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-838.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/415291"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/419504/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/15249"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2005/2254"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/4320"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11481"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-232-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0549.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17557"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17559"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21252"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-037.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.hardened-php.net/advisory_192005.78.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_27_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.php.net/release_4_4_1.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-831.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-838.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/415291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/419504/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/15249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2005/2254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/4320"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11481"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-232-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-10 08:15
Modified
2024-11-21 05:36
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| tenable | tenable.sc | * | |
| oracle | communications_diameter_signaling_router | * | |
| opensuse | leap | 15.1 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C8F023B-DDEF-48ED-9E3F-785F61636F98",
"versionEndExcluding": "7.2.27",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DF319B-F27D-44FC-BD7E-4022925E121D",
"versionEndExcluding": "7.3.14",
"versionStartIncluding": "7.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF0A5CFA-33A0-4676-8A69-F0B3B4BC16A6",
"versionEndExcluding": "7.4.2",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41DBA7C7-8084-45F6-B59D-13A9022C34DF",
"versionEndExcluding": "5.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C2A0171-EAC8-4202-BA1D-2A9D9FE055E1",
"versionEndIncluding": "8.4",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash."
},
{
"lang": "es",
"value": "Cuando se usan determinadas funciones de mbstring para convertir codificaciones multibyte, en PHP versiones 7.2.x por debajo de 7.2.27, versiones 7.3.x por debajo de 7.3.14 y versiones 7.4.x por debajo de 7.4.2, es posible suministrar datos que causar\u00e1n que la funci\u00f3n mbfl_filt_conv_big5_wchar lea m\u00e1s all\u00e1 del buffer asignado. Esto puede conllevar a una divulgaci\u00f3n de informaci\u00f3n o bloqueo."
}
],
"id": "CVE-2020-7060",
"lastModified": "2024-11-21T05:36:35.360",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "security@php.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-10T08:15:12.797",
"references": [
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html"
},
{
"source": "security@php.net",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=79037"
},
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html"
},
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2020/Feb/27"
},
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2020/Feb/31"
},
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2021/Jan/3"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-57"
},
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200221-0002/"
},
{
"source": "security@php.net",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4279-1/"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4626"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4628"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"source": "security@php.net",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=79037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2020/Feb/27"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2020/Feb/31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2021/Jan/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-57"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200221-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4279-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4628"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-14"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "security@php.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-29 07:15
Modified
2024-11-21 05:48
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| netapp | clustered_data_ontap | - | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| tenable | tenable.sc | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C87BA6C9-B0C3-4039-8F77-C310B1879FA5",
"versionEndExcluding": "7.3.33",
"versionStartIncluding": "7.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83EEF959-AE5C-43C0-AF21-535B813E5DC6",
"versionEndExcluding": "7.4.26",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60FBEAE8-F094-420B-8282-AFC3C33ABF28",
"versionEndExcluding": "8.0.13",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAB9A41F-91F1-40DF-BF12-6ADA7229A84C",
"versionEndExcluding": "5.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended."
},
{
"lang": "es",
"value": "En PHP versiones 7.3.x anteriores a 7.3.33, 7.4.x anteriores a 7.4.26 y 8.0.x anteriores a 8.0.13, determinadas funciones de an\u00e1lisis de XML, como simplexml_load_file(), decodifican el nombre de archivo que les es pasado. Si ese nombre de archivo contiene un car\u00e1cter NUL codificado en la URL, esto puede causar que la funci\u00f3n lo interprete como el final del nombre de archivo, interpretando as\u00ed el nombre de archivo de forma diferente a la que el usuario pretend\u00eda, lo que puede conllevar a una lectura de un archivo diferente al deseado"
}
],
"id": "CVE-2021-21707",
"lastModified": "2024-11-21T05:48:52.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security@php.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-29T07:15:06.397",
"references": [
{
"source": "security@php.net",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Release Notes",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=79971"
},
{
"source": "security@php.net",
"tags": [
"Issue Tracking",
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20211223-0005/"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5082"
},
{
"source": "security@php.net",
"tags": [
"Patch",
"Release Notes",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2022-09"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Release Notes",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=79971"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20211223-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Release Notes",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2022-09"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-159"
}
],
"source": "security@php.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-09-12 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6862C7D-F8A4-46E5-AAD4-72C29AB4FB3A",
"versionEndIncluding": "5.6.24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C2D8FE-C380-4B43-B634-A3DBA4700A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB58393-0C10-413C-8D95-6BAA8BC19A1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "751F51CA-9D88-4971-A6EC-8C0B72E8E22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "37B74118-8FC2-44CB-9673-A83DF777B2E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document."
},
{
"lang": "es",
"value": "La funci\u00f3n php_wddx_pop_element en ext/wddx/wddx.c en PHP en versiones anteriores a 5.6.25 y 7.x en versiones anteriores a 7.0.10 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda de aplicaci\u00f3n) o tener otro posible impacto no especificado a trav\u00e9s de un valor binario base64 no v\u00e1lido, seg\u00fan lo demostrado mediante una llamada wddx_deserialize que no maneja adecuadamente un elemento binario en un documento XML wddxPacket."
}
],
"id": "CVE-2016-7130",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-12T01:59:08.833",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://openwall.com/lists/oss-security/2016/09/02/9"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/92764"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036680"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugs.php.net/bug.php?id=72750"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/php/php-src/commit/698a691724c0a949295991e5df091ce16f899e02?w=1"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/security/tns-2016-19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://openwall.com/lists/oss-security/2016/09/02/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugs.php.net/bug.php?id=72750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/php/php-src/commit/698a691724c0a949295991e5df091ce16f899e02?w=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/tns-2016-19"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-06 10:44
Modified
2025-04-12 10:46
Severity ?
Summary
sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE5EC45B-7745-4ECE-82FC-478651A860C3",
"versionEndExcluding": "5.3.28",
"versionStartIncluding": "5.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB84629-28BF-47C7-8D33-099344266DD9",
"versionEndExcluding": "5.4.28",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C4CDD11-8610-4107-910F-3364E3B2F1DF",
"versionEndExcluding": "5.5.12",
"versionStartIncluding": "5.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client."
},
{
"lang": "es",
"value": "sapi/fpm/fpm/fpm_unix.c en FastCGI Process Manager (FPM) en PHP anterior a 5.4.28 y 5.5.x anterior a 5.5.12 utiliza permisos 0666 para el socket UNIX, lo que permite a usuarios locales ganar privilegios a trav\u00e9s de un cliente FastCGI manipulado."
}
],
"id": "CVE-2014-0185",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-06T10:44:02.987",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00012.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59061"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59329"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT6443"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/5"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.php.net/archive/2014.php#id2014-05-01-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1307027"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=67060"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1092815"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/commit/35ceea928b12373a3b1e3eecdc32ed323223a40d"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://hoffmann-christian.info/files/php-fpm/0001-Fix-bug-67060-use-default-mode-of-660.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/59329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT6443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2014/04/29/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.php.net/archive/2014.php#id2014-05-01-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1307027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=67060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1092815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/commit/35ceea928b12373a3b1e3eecdc32ed323223a40d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://hoffmann-christian.info/files/php-fpm/0001-Fix-bug-67060-use-default-mode-of-660.patch"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-15 04:15
Modified
2024-11-21 05:48
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| netapp | clustered_data_ontap | - | |
| oracle | communications_diameter_signaling_router | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21A1DC5C-CFAD-4A37-8343-8F18F446ED45",
"versionEndExcluding": "7.3.27",
"versionStartIncluding": "7.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8043349D-1EEB-46ED-9DC4-7D1D7B60BC78",
"versionEndExcluding": "7.4.15",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D70FC63A-BC22-491B-836F-7FDA82D61908",
"versionEndExcluding": "8.0.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C88D46AF-459D-4917-9403-0F63FEC83512",
"versionEndIncluding": "8.5.0",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash."
},
{
"lang": "es",
"value": "En PHP versiones 7.3.x por debajo de 7.3.27, 7.4.x por debajo de 7.4.15 y 8.0.x por debajo de 8.0.2, cuando se usa la extensi\u00f3n SOAP para conectarse a un servidor SOAP, un servidor SOAP malicioso podr\u00eda devolver datos XML malformados como respuesta eso har\u00eda que PHP acceda a un puntero null y, por tanto, causar\u00eda un bloqueo"
}
],
"id": "CVE-2021-21702",
"lastModified": "2024-11-21T05:48:51.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security@php.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-15T04:15:12.673",
"references": [
{
"source": "security@php.net",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=80672"
},
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202105-23"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210312-0005/"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4856"
},
{
"source": "security@php.net",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=80672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202105-23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20210312-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-14"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security@php.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-25 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The locale_accept_from_http function in ext/intl/locale/locale_methods.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.6.11 | |
| php | php | 5.6.12 | |
| php | php | 5.6.13 | |
| php | php | 5.6.14 | |
| php | php | 5.6.15 | |
| php | php | 5.6.16 | |
| php | php | 5.6.17 | |
| php | php | 5.6.18 | |
| php | php | 5.6.19 | |
| php | php | 5.6.20 | |
| php | php | 5.6.21 | |
| php | php | 5.6.22 | |
| php | php | 5.6.23 | |
| php | php | 7.0.0 | |
| php | php | 7.0.1 | |
| php | php | 7.0.2 | |
| php | php | 7.0.3 | |
| php | php | 7.0.4 | |
| php | php | 7.0.5 | |
| php | php | 7.0.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11DF4C58-F13C-40DC-8821-A7C704CA964C",
"versionEndIncluding": "5.5.37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "725BBA4E-B3BA-4AFA-A284-E0CDE3EC8FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F7793408-66A2-4DE7-B5AA-E49E8A2EE043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "95840EC0-512D-468D-99B0-17E8CFDD6BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E1078D15-8073-4C04-82C2-3C8111E18B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2E5E0C-8DD7-4CF8-A7E7-28ED0FD8B0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6EE9E4-9D6E-4CCC-B116-6020DA6884BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A23E37-8B94-440A-8014-389AC5389A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5E20AF-724B-4DBD-9AED-920375666B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "FD008BBB-10C9-48E2-97B8-6B86B54FD48E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*",
"matchCriteriaId": "90727984-6853-4348-B3CD-4869788117FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.23:*:*:*:*:*:*:*",
"matchCriteriaId": "08AA5F56-9D59-436E-BEB8-68A8A73B6D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "751F51CA-9D88-4971-A6EC-8C0B72E8E22B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The locale_accept_from_http function in ext/intl/locale/locale_methods.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument."
},
{
"lang": "es",
"value": "La funci\u00f3n locale_accept_from_http en ext/intl/locale/locale_methods.c en PHP en versiones anteriores a 5.5.38, 5.6.x en versiones anteriores a 5.6.24 y 7.x en versiones anteriores a 7.0.9 no restringe correctamente llamadas para la funci\u00f3n ICU uloc_acceptLanguageFromHTTP, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a trav\u00e9s de una llamada con un argumento largo"
}
],
"id": "CVE-2016-6294",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-25T14:59:07.577",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://openwall.com/lists/oss-security/2016/07/24/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3631"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92115"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036430"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Mitigation",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.php.net/72533"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/HT207170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://openwall.com/lists/oss-security/2016/07/24/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Mitigation",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.php.net/72533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT207170"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | mysql | * | |
| oracle | mysql_connector\/c | * | |
| mariadb | mariadb | * | |
| mariadb | mariadb | * | |
| fedoraproject | fedora | 21 | |
| fedoraproject | fedora | 22 | |
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_eus | 7.1 | |
| redhat | enterprise_linux_eus | 7.2 | |
| redhat | enterprise_linux_eus | 7.3 | |
| redhat | enterprise_linux_eus | 7.4 | |
| redhat | enterprise_linux_eus | 7.5 | |
| redhat | enterprise_linux_eus | 7.6 | |
| redhat | enterprise_linux_eus | 7.7 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.3 | |
| redhat | enterprise_linux_server_aus | 7.4 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_aus | 7.7 | |
| redhat | enterprise_linux_server_tus | 7.3 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.7 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| php | php | * | |
| php | php | * | |
| php | php | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"matchCriteriaId": "926168AA-A4C7-4D0F-B7E6-505F14EC6F77",
"versionEndIncluding": "5.7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:mysql_connector\\/c:*:*:*:*:*:*:*:*",
"matchCriteriaId": "415DC27C-6D55-4A72-996C-4FAF6F236452",
"versionEndIncluding": "6.1.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0355A15B-CA1A-4FC6-A56B-80867F7A3B65",
"versionEndExcluding": "5.5.44",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADBF8224-90AF-4BDB-8F1B-C54BD72D863C",
"versionEndExcluding": "10.0.20",
"versionStartIncluding": "10.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
"matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A67A7B7A-998D-4B8C-8831-6E58406565FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6938C3C-06A2-47BD-8F9E-D2CF73A6E241",
"versionEndExcluding": "5.4.43",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD26FB9-C4EA-493C-A0FA-B51F99179C53",
"versionEndExcluding": "5.5.27",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "442A88BF-E4CD-42CF-87B4-941E7A530F7D",
"versionEndExcluding": "5.6.11",
"versionStartIncluding": "5.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a \"BACKRONYM\" attack."
},
{
"lang": "es",
"value": "Oracle MySQL en versiones anteriores a 5.7.3, Oracle MySQL Connector/C (tambi\u00e9n conocido como libmysqlclient) en versiones anteriores a 6.1.3 y MariaDB en versiones anteriores a 5.5.44 utiliza la opci\u00f3n --ssl significa que SSL es opcional, lo que permite a atacantes man-in-the-middle suplantar servidores a trav\u00e9s de un ataque de degradaci\u00f3n de texto plano, tambi\u00e9n conocida como un ataque \"BACKRONYM\"."
}
],
"id": "CVE-2015-3152",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-16T10:59:01.220",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1646.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1647.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1665.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3311"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ocert.org/advisories/ocert-2015-003.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/535397/100/1100/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74398"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032216"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2015-3152"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://jira.mariadb.org/browse/MDEV-7937"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.duosecurity.com/blog/backronym-mysql-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161436.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161625.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://mysqlblog.fivefarmers.com/2015/04/29/ssltls-in-5-6-and-5-5-ocert-advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/131688/MySQL-SSL-TLS-Downgrade.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1646.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1647.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1665.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ocert.org/advisories/ocert-2015-003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/535397/100/1100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2015-3152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://jira.mariadb.org/browse/MDEV-7937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.duosecurity.com/blog/backronym-mysql-vulnerability"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-24 21:59
Modified
2025-04-20 01:37
Severity ?
Summary
Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| netapp | clustered_data_ontap | - | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F62FA4CA-E2F5-4414-B07D-AFD68388412A",
"versionEndExcluding": "5.6.30",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A59822F-11EA-4F4D-9721-6D3DD9842FC8",
"versionEndExcluding": "7.0.15",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "473456E3-B45F-46C0-AEF8-72D78487CF38",
"versionEndExcluding": "7.1.1",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch."
},
{
"lang": "es",
"value": "Error por un paso en la funci\u00f3n phar_parse_pharfile en ext/phar/phar.c en PHP en versiones anteriores a 5.6.30 y 7.0.x en versiones anteriores a 7.0.15 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo PHAR manipulado con un desajuste del alias."
}
],
"id": "CVE-2016-10160",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-24T21:59:00.227",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3783"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95783"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037659"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=73768"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/commit/b28b8b2fee6dfa6fcd13305c581bb835689ac3be"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201702-29"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180112-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2017-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3783"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95783"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=73768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/commit/b28b8b2fee6dfa6fcd13305c581bb835689ac3be"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201702-29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180112-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2017-04"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-193"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-02 15:29
Modified
2024-11-21 03:35
Severity ?
Summary
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:2519 | Third Party Advisory | |
| cve@mitre.org | https://bugs.php.net/bug.php?id=74544 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| cve@mitre.org | https://security.netapp.com/advisory/ntap-20181107-0003/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:2519 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.php.net/bug.php?id=74544 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20181107-0003/ | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99C0E54A-AA13-4E05-A54D-365E1D261EE8",
"versionEndIncluding": "7.1.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28F655C2-4A73-417A-B36B-313F84A6C763",
"versionEndExcluding": "7.4.23",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6C16052-5EDF-4DB6-BE5B-8A6820502834",
"versionEndExcluding": "8.0.10",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7A6697-98CC-4E36-93DB-B7160F8399F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string."
},
{
"lang": "es",
"value": "PHP en versiones 7.x hasta la 7.1.5, permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer y cierre inesperado de la aplicaci\u00f3n) o, probablemente, cualquier otro tipo de problema mediante una cadena larga debido a un desbordamiento de enteros en mysqli_real_escape_string."
}
],
"id": "CVE-2017-9120",
"lastModified": "2024-11-21T03:35:22.103",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-02T15:29:00.277",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=74544"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181107-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=74544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181107-0003/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-04 22:17
Modified
2025-04-09 00:30
Severity ?
Summary
Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CDA10FE-C930-4399-A0AE-1C9A6D547FB9",
"versionEndIncluding": "5.2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in PHP before 5.2.4 allows attackers to bypass open_basedir restrictions via unspecified vectors involving the glob function."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en PHP versiones anteriores a 5.2.4 permite a atacantes evitar restricciones open_basedir mediante vectores no especificados involucrando la funci\u00f3n glob."
}
],
"id": "CVE-2007-4663",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-04T22:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26642"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26838"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27102"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27377"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.php.net/ChangeLog-5.php#5.2.4"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.php.net/releases/5_2_4.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3023"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36386"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-1693"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-1702"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.php.net/ChangeLog-5.php#5.2.4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.php.net/releases/5_2_4.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1702"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Due to the nature of safe_mode and open_basedir restrictions, and in alignment with the PHP group\u2019s stance on these features, Mandriva does not consider this a security issue.",
"lastModified": "2007-09-18T00:00:00",
"organization": "Mandriva"
},
{
"comment": "We do not consider these to be security issues. For more details see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1\nand http://www.php.net/security-note.php\n",
"lastModified": "2007-09-05T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-18 03:29
Modified
2025-04-20 01:37
Severity ?
Summary
ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an unspecified impact on the integrity of PHP.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 7.0.0 | |
| php | php | 7.0.1 | |
| php | php | 7.0.2 | |
| php | php | 7.0.3 | |
| php | php | 7.0.4 | |
| php | php | 7.0.5 | |
| php | php | 7.0.6 | |
| php | php | 7.0.7 | |
| php | php | 7.0.8 | |
| php | php | 7.0.9 | |
| php | php | 7.0.10 | |
| php | php | 7.0.11 | |
| php | php | 7.0.12 | |
| php | php | 7.0.13 | |
| php | php | 7.0.14 | |
| php | php | 7.0.15 | |
| php | php | 7.0.16 | |
| php | php | 7.0.17 | |
| php | php | 7.0.18 | |
| php | php | 7.0.19 | |
| php | php | 7.0.20 | |
| php | php | 7.0.21 | |
| php | php | 7.0.22 | |
| php | php | 7.1.0 | |
| php | php | 7.1.1 | |
| php | php | 7.1.2 | |
| php | php | 7.1.3 | |
| php | php | 7.1.4 | |
| php | php | 7.1.5 | |
| php | php | 7.1.6 | |
| php | php | 7.1.7 | |
| php | php | 7.1.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C2D8FE-C380-4B43-B634-A3DBA4700A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB58393-0C10-413C-8D95-6BAA8BC19A1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "751F51CA-9D88-4971-A6EC-8C0B72E8E22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "37B74118-8FC2-44CB-9673-A83DF777B2E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4D56A200-1477-40DA-9444-CFC946157C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0D1CCC-A857-4C15-899E-08F9255CEE34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6745CC43-2836-4CD8-848F-EEA08AE9D5AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "7BEB6696-14F9-4D9B-9974-B682FFBB828E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "04146390-021D-4147-9830-9EAA90D120A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "5B124547-DC1D-4A92-B8AB-8A1900063786",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "F45B2127-CF3D-4D59-9042-AE6DF2908319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "29A450E3-931F-4487-A76D-80A38210297A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C099A0C4-883D-42ED-8359-FFD3ADD692A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD07432-5A23-491E-892E-42F0F58307D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "19627ECC-9342-4917-8FCC-7757339E3242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF89D76-3FB3-42FA-80FF-53C2E222F9E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "AF27AF4F-68BB-465A-8668-44833A87D023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C68AA43-ED90-4B98-A5F8-4E210C2CC7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2466D297-9442-40B0-A1A7-F9D166396CF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EADBF7EE-18DC-49F9-BF2F-A09BBAE76F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1726E9B6-A7FA-402B-A911-0CE81C623087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C3670FF7-2CA3-41A4-92FE-0123497E4E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1C22CE03-DFE5-4CD3-B229-10B219A55434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C258AF27-84DF-4FC3-A651-1349BB567FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4E4E7085-5075-4682-BBDD-55BBF828167E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C84BB8CA-DD39-44F6-8C9C-FF1467815B5E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an unspecified impact on the integrity of PHP."
},
{
"lang": "es",
"value": "Ext/standard/var_unserializer.re en PHP en en sus versiones 7.0.x hasta 7.0.22 y versiones 7.1.x hasta 7.1.8 es propenso a un uso de memoria din\u00e1mica antes de liberaci\u00f3n (heap use after free) al deserializar datos que no son de confianza. Esto est\u00e1 relacionado con el uso incorrecto de la API hash para borrado de claves en una situaci\u00f3n de tama\u00f1o de array no v\u00e1lido. La explotaci\u00f3n de este problema puede tener un impacto sin especificar en la integridad de PHP."
}
],
"id": "CVE-2017-12932",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-18T03:29:00.183",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100427"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=74103"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/commit/1a23ebc1fff59bf480ca92963b36eba5c1b904c4"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201709-21"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20180112-0001/"
},
{
"source": "cve@mitre.org",
"url": "https://www.debian.org/security/2018/dsa-4080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=74103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/commit/1a23ebc1fff59bf480ca92963b36eba5c1b904c4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201709-21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20180112-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2018/dsa-4080"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-08-23 01:55
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.4.0 | |
| php | php | 5.4.0 | |
| php | php | 5.4.0 | |
| php | php | 5.4.0 | |
| php | php | 5.4.1 | |
| php | php | 5.4.2 | |
| php | php | 5.4.3 | |
| php | php | 5.4.4 | |
| php | php | 5.4.5 | |
| php | php | 5.4.6 | |
| php | php | 5.4.7 | |
| php | php | 5.4.8 | |
| php | php | 5.4.9 | |
| php | php | 5.4.10 | |
| php | php | 5.4.11 | |
| php | php | 5.4.12 | |
| php | php | 5.4.12 | |
| php | php | 5.4.12 | |
| php | php | 5.4.13 | |
| php | php | 5.4.13 | |
| php | php | 5.4.14 | |
| php | php | 5.4.14 | |
| php | php | 5.4.15 | |
| php | php | 5.4.15 | |
| php | php | 5.4.16 | |
| php | php | 5.4.17 | |
| php | php | 5.4.18 | |
| php | php | 5.4.19 | |
| php | php | 5.4.20 | |
| php | php | 5.4.21 | |
| php | php | 5.4.22 | |
| php | php | 5.4.23 | |
| php | php | 5.4.24 | |
| php | php | 5.4.25 | |
| php | php | 5.4.26 | |
| php | php | 5.4.27 | |
| php | php | 5.4.28 | |
| php | php | 5.4.29 | |
| php | php | 5.4.30 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AAB5BB1-6118-43E2-AE1E-2E824B79D493",
"versionEndIncluding": "5.4.31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E7B9B8D2-78B7-4B17-955B-741C7A6F6634",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "2F332C82-FD1F-44BC-9FEB-69A463CF5B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.0:beta2:32-bit:*:*:*:*:*",
"matchCriteriaId": "47D6EBD2-7387-4936-B4C9-0D6C83916BCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6B052DD4-8A4E-44A0-A4ED-CC9E8757EBC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CA2A940-BD69-4D35-AF12-432CB929248B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29BD13F9-86C8-44C4-A860-9A87870A518E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1B361FDE-9F6A-4E9A-96F1-619DC56EECB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3DBD9E7B-1237-47A8-8A07-5CC5246A9C5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2BB41E-2096-4291-B0ED-06825FDFE8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "52BA94F7-1AF9-415C-AC21-30BC25C74C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A739A0-698A-422B-886B-430A79F6E945",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "086E0D24-A43E-4CEA-9FB0-FE193B88CC31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC8D0963-8CA5-4814-9B6D-4E1C3907737B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "77A4B7E0-C872-4E53-AD72-1BB2755E4FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EECCD553-53D5-485E-8C21-E2A5070833B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "95357C79-A754-4E0C-B65B-0FA241962B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "25EAF9A9-F7A1-4AC7-BCFD-769BE0FDB537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "74EA8037-7C22-48B3-9FA2-4BFFFFD513D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C8D1254E-0C72-4958-BA7F-5B818C3ACB15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "92994FFC-F362-48AC-9CA8-8EBCAC880C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "21131DF1-1EE5-4C84-B1E0-FA75BC39B344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0B23F85D-465B-4176-9798-E78AADE421EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "08A0FB69-9BB2-4CCA-87C5-18368109D6E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "ADEE52B4-8392-4321-8C00-FABA6270E728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "57D74F58-DB3A-4A70-93CF-B350DB65EF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "AAEE86A0-C3FC-446E-8DF0-4FA32F741E1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "90B670B6-A211-40C6-A8A0-1B0188EF891F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "AAAC4776-F3FF-42D8-AC6E-4746987D30BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "41DC16B7-7A45-4BDE-B340-F17D97CA3BDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD7C2E6-9B34-4890-A0D1-39BB8ECA47E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "4F8F72EC-7431-4B36-89EF-E7593ACFBFEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "86E9AC84-430D-4FDA-8FFE-B77E17803A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "5238A7AE-D3FD-4465-95D7-F9C8787F9463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "6B877725-43E7-479E-9FA3-6D2FFE89B620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33BBC0-9D17-4369-A52D-B4B65150380A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "95E112B5-12CC-40D5-AA1E-B5FB1ABC831E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*",
"matchCriteriaId": "B078B1E5-14BD-4004-8384-4656E1063EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.29:*:*:*:*:*:*:*",
"matchCriteriaId": "27BB02F3-99A1-428C-A3C9-614B1277C88D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.30:*:*:*:*:*:*:*",
"matchCriteriaId": "42873F3E-55BA-4CF3-BA13-13E49E59C363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "840EE3AC-5293-4F33-9E2C-96A0A2534B02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de buffer en la funci\u00f3n php_parserr en ext/standard/dns.c en PHP anterior a 5.4.32 y 5.5.x anterior a 5.5.16 permiten a servidores DNS remotos causar una denegaci\u00f3n de servicio (la ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un registro DNS manipulado, relacionado con la funci\u00f3n dns_get_record y la funci\u00f3n dn_expand. NOTA: este problema existe debido a una soluci\u00f3n incompleta para CVE-2014-4049."
}
],
"id": "CVE-2014-3597",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-08-23T01:55:02.023",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00024.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00055.html"
},
{
"source": "secalert@redhat.com",
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1326.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1327.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/60609"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/60696"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2014/dsa-3008"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/69322"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-2344-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=67717"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/php/php-src/commit/2fefae47716d501aec41c1102f3fd4531f070b05"
},
{
"source": "secalert@redhat.com",
"url": "https://security-tracker.debian.org/tracker/CVE-2014-3597"
},
{
"source": "secalert@redhat.com",
"url": "https://support.apple.com/HT204659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00055.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1326.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1327.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1766.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60609"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/69322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2344-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=67717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/php/php-src/commit/2fefae47716d501aec41c1102f3fd4531f070b05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security-tracker.debian.org/tracker/CVE-2014-3597"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT204659"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-08-25 14:22
Modified
2025-04-11 00:51
Severity ?
Summary
The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDF768D-7F5A-4042-B7DD-398F65F3F094",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483."
},
{
"lang": "es",
"value": "La funci\u00f3n de cifrado en PHP v5.3.7, cuando el tipo de hash MD5 se utiliza, se devuelve el valor del argumento en vez de la cadena hash, lo que podr\u00eda permitir a atacantes remotos evitar la autenticaci\u00f3n a trav\u00e9s de una contrase\u00f1a arbitraria, una vulnerabilidad diferente a CVE-2011-2483."
}
],
"id": "CVE-2011-3189",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-08-25T14:22:48.023",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/74726"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45678"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5130"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2011/08/23/4"
},
{
"source": "secalert@redhat.com",
"url": "http://www.php.net/ChangeLog-5.php#5.3.8"
},
{
"source": "secalert@redhat.com",
"url": "http://www.php.net/archive/2011.php#id2011-08-23-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=380261"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=55439"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/74726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45678"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2011/08/23/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php#5.3.8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/archive/2011.php#id2011-08-23-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=380261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=55439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69429"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-03-03 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to access arbitrary files as the PHP user, and possibly execute PHP code, by bypassing the CGI force redirect settings (cgi.force_redirect or --enable-force-cgi-redirect).
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to access arbitrary files as the PHP user, and possibly execute PHP code, by bypassing the CGI force redirect settings (cgi.force_redirect or --enable-force-cgi-redirect)."
}
],
"id": "CVE-2003-0097",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-03-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104550977011668\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104567042700840\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104567137502557\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/11343.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6875"
},
{
"source": "cve@mitre.org",
"url": "http://www.slackware.com/changelog/current.php?cpu=i386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104550977011668\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104567042700840\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104567137502557\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/11343.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.slackware.com/changelog/current.php?cpu=i386"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-01-03 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a # character and lacks a newline character, which causes an out-of-bounds read and might (1) allow remote attackers to obtain sensitive information from php-cgi process memory by leveraging the ability to upload a .php file or (2) trigger unexpected code execution if a valid PHP script is present in memory locations adjacent to the mapping.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 1.0 | |
| php | php | 2.0 | |
| php | php | 2.0b10 | |
| php | php | 3.0 | |
| php | php | 3.0.1 | |
| php | php | 3.0.2 | |
| php | php | 3.0.3 | |
| php | php | 3.0.4 | |
| php | php | 3.0.5 | |
| php | php | 3.0.6 | |
| php | php | 3.0.7 | |
| php | php | 3.0.8 | |
| php | php | 3.0.9 | |
| php | php | 3.0.10 | |
| php | php | 3.0.11 | |
| php | php | 3.0.12 | |
| php | php | 3.0.13 | |
| php | php | 3.0.14 | |
| php | php | 3.0.15 | |
| php | php | 3.0.16 | |
| php | php | 3.0.17 | |
| php | php | 3.0.18 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 4.4.5 | |
| php | php | 4.4.6 | |
| php | php | 4.4.7 | |
| php | php | 4.4.8 | |
| php | php | 4.4.9 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 | |
| php | php | 5.2.2 | |
| php | php | 5.2.3 | |
| php | php | 5.2.4 | |
| php | php | 5.2.5 | |
| php | php | 5.2.6 | |
| php | php | 5.2.7 | |
| php | php | 5.2.8 | |
| php | php | 5.2.9 | |
| php | php | 5.2.10 | |
| php | php | 5.2.11 | |
| php | php | 5.2.12 | |
| php | php | 5.2.13 | |
| php | php | 5.2.14 | |
| php | php | 5.2.15 | |
| php | php | 5.2.16 | |
| php | php | 5.2.17 | |
| php | php | 5.3.0 | |
| php | php | 5.3.1 | |
| php | php | 5.3.2 | |
| php | php | 5.3.3 | |
| php | php | 5.3.4 | |
| php | php | 5.3.5 | |
| php | php | 5.3.6 | |
| php | php | 5.3.7 | |
| php | php | 5.3.8 | |
| php | php | 5.3.9 | |
| php | php | 5.3.10 | |
| php | php | 5.3.11 | |
| php | php | 5.3.12 | |
| php | php | 5.3.13 | |
| php | php | 5.3.14 | |
| php | php | 5.3.15 | |
| php | php | 5.3.16 | |
| php | php | 5.3.17 | |
| php | php | 5.3.18 | |
| php | php | 5.3.19 | |
| php | php | 5.3.20 | |
| php | php | 5.3.21 | |
| php | php | 5.3.22 | |
| php | php | 5.3.23 | |
| php | php | 5.3.24 | |
| php | php | 5.3.25 | |
| php | php | 5.3.26 | |
| php | php | 5.3.27 | |
| php | php | 5.3.28 | |
| php | php | 5.4.0 | |
| php | php | 5.4.1 | |
| php | php | 5.4.2 | |
| php | php | 5.4.3 | |
| php | php | 5.4.10 | |
| php | php | 5.4.11 | |
| php | php | 5.4.12 | |
| php | php | 5.4.12 | |
| php | php | 5.4.12 | |
| php | php | 5.4.13 | |
| php | php | 5.4.13 | |
| php | php | 5.4.14 | |
| php | php | 5.4.14 | |
| php | php | 5.4.15 | |
| php | php | 5.4.16 | |
| php | php | 5.4.17 | |
| php | php | 5.4.18 | |
| php | php | 5.4.19 | |
| php | php | 5.4.20 | |
| php | php | 5.4.21 | |
| php | php | 5.4.22 | |
| php | php | 5.4.23 | |
| php | php | 5.4.24 | |
| php | php | 5.4.25 | |
| php | php | 5.4.26 | |
| php | php | 5.4.27 | |
| php | php | 5.4.28 | |
| php | php | 5.4.29 | |
| php | php | 5.4.30 | |
| php | php | 5.4.34 | |
| php | php | 5.4.35 | |
| php | php | 5.4.36 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92647629-083F-4042-8365-4AD2EBC9C1BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF72E8D5-9F8C-4BD4-9AA4-28E23CB48A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*",
"matchCriteriaId": "83BE1120-6370-4470-8586-6581EDF3FD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245C601D-0FE7-47E3-8304-6FF45E9567D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691BB8BB-329A-4640-B758-7590C99B5E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC4CCE-2774-463E-82EA-36CD442D3A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C478024C-2FCD-463F-A75E-E04660AA9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BD99C0-E875-496E-BE5E-A8DCBD414B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1851ADE5-C70C-46E0-941A-6ADF7DB5C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69DA3BA2-AF53-4C9D-93FA-0317841595B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67B59D6A-7EDA-4C34-81D6-C2557C85D164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBA40B6-8FDF-41AA-8166-F491FF7F3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E2B72-A428-4BB3-B6F8-0AF5E487A807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "945FF149-3446-4905-BCA1-C397E3497B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8E446DBD-FEFA-4D22-9C9D-51F61C01E414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8DE728-78E1-4F9F-BC56-CD9B10E61287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "80E31CC6-9356-4BB7-9F49-320AAF341E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB8AD3A-9181-459A-9AF2-B3FC6BAF6FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3E7199-8FB7-4930-9C0A-A36A698940B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2AF1D9-33B6-4B2C-9269-426B6B720164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84B70263-37AA-4539-A286-12038A3792C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E46E4B4-808C-4B47-81D9-EC2B02A5E57B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF30D7F-353B-4496-9A89-4EF2BB279E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DD97DF34-35AB-4979-96E2-B23DC8556A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "95D48A71-B84E-4B6C-9603-B3373052E568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CAAB7D55-F155-43F9-A563-F2E35CFFEF26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "72243A3F-6BFD-472B-9EA4-82BE4253ED27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "E415CC22-09CA-47D2-9F1A-0BCA8960835B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F40E4A-E125-4099-A8B3-D42614AA9312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4933D9DD-A630-4A3D-9D13-9E182F5F6F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E6D530-91FC-42F4-A427-6601238E0187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC938DB-E066-407F-BDF8-61A1C41136F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDF768D-7F5A-4042-B7DD-398F65F3F094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF35BB6-C6B1-4683-A8BE-AA72CC34F5B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC3F1891-032D-409C-904C-A415D2323DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4B13826D-06B2-4A46-AB24-092F6935958D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6528FC-51BE-4E30-B282-D9841553BA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "66CF9452-6225-4726-822B-C7CD620A1D6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A953FF53-1106-42D3-BE4A-4F27C7C42F52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D2F015-A38D-43C6-ADC6-A0EFCE150071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "75A8FF8E-A26A-45AD-BD91-9B4822581CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "5F27C2F9-73BE-46EF-B5ED-8D407D22D12E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "EB212796-B71B-4F6B-9156-9C5178FF0931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBCD79D-3821-4538-B6F1-49F51E5983E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "B66E709F-E34E-4744-8970-0F70F95A8761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D20691D0-3102-4E82-BED9-9E7B67F9F778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "6DA7831F-5F53-4A29-9AB1-913EBD095589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F798EC96-FC60-47BA-AE27-8C2261D9E5D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "633BEAF3-C73C-48FC-B623-375B9F79C93D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.24:*:*:*:*:*:*:*",
"matchCriteriaId": "965BB50E-7675-43A7-B074-98BCB1EBA311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.25:*:*:*:*:*:*:*",
"matchCriteriaId": "B52F6124-1C8E-4568-BACF-A463064DA48E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.26:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA2F96C-A676-4F13-8E41-600461338B1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.27:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FE5746-FA0B-493A-B3A9-DE2A153C5ECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.28:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E07192-DC26-4B67-A667-2D9C3878BB29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E7B9B8D2-78B7-4B17-955B-741C7A6F6634",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CA2A940-BD69-4D35-AF12-432CB929248B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29BD13F9-86C8-44C4-A860-9A87870A518E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1B361FDE-9F6A-4E9A-96F1-619DC56EECB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "77A4B7E0-C872-4E53-AD72-1BB2755E4FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EECCD553-53D5-485E-8C21-E2A5070833B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "95357C79-A754-4E0C-B65B-0FA241962B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "25EAF9A9-F7A1-4AC7-BCFD-769BE0FDB537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "74EA8037-7C22-48B3-9FA2-4BFFFFD513D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C8D1254E-0C72-4958-BA7F-5B818C3ACB15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "92994FFC-F362-48AC-9CA8-8EBCAC880C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "21131DF1-1EE5-4C84-B1E0-FA75BC39B344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0B23F85D-465B-4176-9798-E78AADE421EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "ADEE52B4-8392-4321-8C00-FABA6270E728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "57D74F58-DB3A-4A70-93CF-B350DB65EF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "AAEE86A0-C3FC-446E-8DF0-4FA32F741E1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "90B670B6-A211-40C6-A8A0-1B0188EF891F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.19:*:*:*:*:*:*:*",
"matchCriteriaId": "AAAC4776-F3FF-42D8-AC6E-4746987D30BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "41DC16B7-7A45-4BDE-B340-F17D97CA3BDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.21:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD7C2E6-9B34-4890-A0D1-39BB8ECA47E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "4F8F72EC-7431-4B36-89EF-E7593ACFBFEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "86E9AC84-430D-4FDA-8FFE-B77E17803A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "5238A7AE-D3FD-4465-95D7-F9C8787F9463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "6B877725-43E7-479E-9FA3-6D2FFE89B620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "AB33BBC0-9D17-4369-A52D-B4B65150380A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.27:*:*:*:*:*:*:*",
"matchCriteriaId": "95E112B5-12CC-40D5-AA1E-B5FB1ABC831E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.28:*:*:*:*:*:*:*",
"matchCriteriaId": "B078B1E5-14BD-4004-8384-4656E1063EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.29:*:*:*:*:*:*:*",
"matchCriteriaId": "27BB02F3-99A1-428C-A3C9-614B1277C88D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.30:*:*:*:*:*:*:*",
"matchCriteriaId": "42873F3E-55BA-4CF3-BA13-13E49E59C363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.34:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8F6ABB-9F55-435A-B249-6449970F5DB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.35:*:*:*:*:*:*:*",
"matchCriteriaId": "E840B9E2-0B9E-4BA7-B635-022DB695632F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.36:*:*:*:*:*:*:*",
"matchCriteriaId": "AE53604B-82C6-4DF6-A023-07555C068259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AC63A449-5D92-4F5F-8186-B58FFFBA54FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F18236F6-2065-4A6A-93E7-FD90E650C689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFBA84A-A4E4-438B-B9B5-8549809DCECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping\u0027s length during processing of an invalid file that begins with a # character and lacks a newline character, which causes an out-of-bounds read and might (1) allow remote attackers to obtain sensitive information from php-cgi process memory by leveraging the ability to upload a .php file or (2) trigger unexpected code execution if a valid PHP script is present in memory locations adjacent to the mapping."
},
{
"lang": "es",
"value": "sapi/cgi/cgi_main.c en el componente CGI en PHP hasta 5.4.36, 5.5.x hasta 5.5.20, y 5.6.x hasta 5.6.4, cuando mmap est\u00e1 utilizado para leer un fichero .php, no considera correctamente la longitud de las asignaciones durante el procesamiento de un fichero inv\u00e1lido que empieza por un caracter # y le falta un caracter nueva l\u00ednea, lo que causa una lectura fuera de rango y podr\u00eda (1) permitir a atacantes remotos obtener informaci\u00f3n sensible de la memoria de procesos php-cgi mediante el aprovechamiento de la habilidad de subir un fichero .php o (2) provocar la ejecuci\u00f3n de c\u00f3digo no esperado si una secuencia de comandos PHP v\u00e1lida est\u00e1 presente en las localizaciones de memoria ajuntas a las asignaciones."
}
],
"id": "CVE-2014-9427",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-01-03T02:59:00.050",
"references": [
{
"source": "security@debian.org",
"url": "http://advisories.mageia.org/MGASA-2015-0040.html"
},
{
"source": "security@debian.org",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f9ad3086693fce680fbe246e4a45aa92edd2ac35"
},
{
"source": "security@debian.org",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html"
},
{
"source": "security@debian.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html"
},
{
"source": "security@debian.org",
"url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
},
{
"source": "security@debian.org",
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"source": "security@debian.org",
"url": "http://openwall.com/lists/oss-security/2014/12/31/6"
},
{
"source": "security@debian.org",
"url": "http://openwall.com/lists/oss-security/2015/01/01/1"
},
{
"source": "security@debian.org",
"url": "http://openwall.com/lists/oss-security/2015/01/03/4"
},
{
"source": "security@debian.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1053.html"
},
{
"source": "security@debian.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html"
},
{
"source": "security@debian.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:032"
},
{
"source": "security@debian.org",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "security@debian.org",
"url": "http://www.securityfocus.com/bid/71833"
},
{
"source": "security@debian.org",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=68618"
},
{
"source": "security@debian.org",
"url": "https://security.gentoo.org/glsa/201503-03"
},
{
"source": "security@debian.org",
"url": "https://support.apple.com/HT205267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2015-0040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f9ad3086693fce680fbe246e4a45aa92edd2ac35"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=143748090628601\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=144050155601375\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2014/12/31/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2015/01/01/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2015/01/03/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1066.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=68618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201503-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT205267"
}
],
"sourceIdentifier": "security@debian.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-27 21:15
Modified
2024-11-21 05:36
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| opensuse | leap | 15.1 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6DEDF33-5700-450F-980D-8CA598A53DED",
"versionEndIncluding": "7.2.27",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA6A47B-6146-4361-AED1-4263B7911C6C",
"versionEndIncluding": "7.3.14",
"versionStartIncluding": "7.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D73AA9E0-B622-41A6-9E5B-924051D4CA61",
"versionEndIncluding": "7.4.2",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash."
},
{
"lang": "es",
"value": "En PHP versiones 7.2.x por debajo de 7.2.28, versiones 7.3.x por debajo de 7.3.15 y versiones 7.4.x por debajo de 7.4.3, cuando es usada la funcionalidad de carga de archivos, si el seguimiento de progreso de carga est\u00e1 habilitado, pero session.upload_progress.cleanup est\u00e1 ajustado en 0 (deshabilitado), y la carga del archivo presenta un fallo, el procedimiento de carga intentar\u00eda limpiar los datos que no existan y encontrar\u00eda una desreferencia del puntero null, lo que probablemente conllevar\u00eda a un bloqueo."
}
],
"id": "CVE-2020-7062",
"lastModified": "2024-11-21T05:36:35.703",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security@php.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-27T21:15:19.037",
"references": [
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html"
},
{
"source": "security@php.net",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=79221"
},
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-57"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4330-1/"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4717"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4719"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=79221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-57"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4330-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-14"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security@php.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-05-18 16:29
Modified
2025-04-20 01:37
Severity ?
Summary
In MODX Revolution before 2.5.7, when PHP 5.3.3 is used, an attacker is able to include and execute arbitrary files on the web server due to insufficient validation of the action parameter to setup/index.php, aka directory traversal.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://citadelo.com/en/2017/04/modx-revolution-cms/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/modxcms/revolution/pull/13422 | Third Party Advisory | |
| cve@mitre.org | https://github.com/modxcms/revolution/pull/13428 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://citadelo.com/en/2017/04/modx-revolution-cms/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/modxcms/revolution/pull/13422 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/modxcms/revolution/pull/13428 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| modx | modx_revolution | 2.5.6 | |
| php | php | 5.3.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:modx:modx_revolution:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B6F55854-0593-47D3-B84B-810C2D41A37F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F40E4A-E125-4099-A8B3-D42614AA9312",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In MODX Revolution before 2.5.7, when PHP 5.3.3 is used, an attacker is able to include and execute arbitrary files on the web server due to insufficient validation of the action parameter to setup/index.php, aka directory traversal."
},
{
"lang": "es",
"value": "En MODX Revolution anterior a versi\u00f3n 2.5.7, cuando se utiliza PHP versi\u00f3n 5.3.3, un atacante es capaz de incluir y ejecutar archivos arbitrarios en el servidor web debido a la comprobaci\u00f3n insuficiente del par\u00e1metro action en el archivo setup/index.php, tambi\u00e9n se conoce como salto de directorio."
}
],
"id": "CVE-2017-9067",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-18T16:29:00.157",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://citadelo.com/en/2017/04/modx-revolution-cms/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/modxcms/revolution/pull/13422"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/modxcms/revolution/pull/13428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://citadelo.com/en/2017/04/modx-revolution-cms/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/modxcms/revolution/pull/13422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/modxcms/revolution/pull/13428"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-07 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted call to (1) getFromIndex or (2) getFromName in the ZipArchive class.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29444ECA-CE15-42F2-9FA2-829C18E51069",
"versionEndExcluding": "7.0.6",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted call to (1) getFromIndex or (2) getFromName in the ZipArchive class."
},
{
"lang": "es",
"value": "Multiples desbordamientos de entero en PHP en versiones anteriores a 7.0.8 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer basado en memoria din\u00e1mica y ca\u00edda de aplicaci\u00f3n) o posiblemente tener otro impacto no especificado a trav\u00e9s de una llamada manipulada a (1) getFromIndex o (2) getFromName en la clase ZipArchive."
}
],
"id": "CVE-2016-3078",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-07T10:59:02.757",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/04/28/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035701"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=71923"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/commit/3b8d4de300854b3517c7acb239b84f7726c1353c?w=1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://php.net/ChangeLog-7.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2016-3078"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/39742/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/04/28/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=71923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/commit/3b8d4de300854b3517c7acb239b84f7726c1353c?w=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2016-3078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/39742/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-22 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archive.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54741E4C-D627-4F1E-8B89-6597AE07EF85",
"versionEndExcluding": "5.5.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04060332-EC2C-4281-A627-8FBDCEB79154",
"versionEndExcluding": "5.6.18",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A20A620-CDCF-4496-86E9-1ECA1A3C665E",
"versionEndExcluding": "7.0.3",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archive."
},
{
"lang": "es",
"value": "La funci\u00f3n phar_make_dirstream en ext/phar/dirstream.c en PHP en versiones anteriores a 5.6.18 y 7.x en versiones anteriores a 7.0.3 no maneja correctamente archivos ././@LongLink de tama\u00f1o cero, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero no inicializado) o posiblemente tener otro impacto no especificado a trav\u00e9s de un archivo TAR manipulado."
}
],
"id": "CVE-2016-4343",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-22T01:59:17.477",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/04/28/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/89179"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=71331"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/04/28/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/89179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=71331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-824"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-02-12 22:15
Modified
2025-07-02 21:35
Severity ?
Summary
In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote() function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@php.net | https://bugs.php.net/bug.php?id=81740 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20230223-0007/ | Third Party Advisory | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://bugs.php.net/bug.php?id=81740 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B25DE957-1D86-408D-AD1E-DBFB14115959",
"versionEndExcluding": "8.0.27",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF93F09C-C6A3-49AF-9202-0EC78065547D",
"versionEndExcluding": "8.1.15",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E87D2720-F21F-4FDE-A262-B8BA0B62AD98",
"versionEndExcluding": "8.2.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46D17F35-DB4A-491C-BB28-4BFA36F3618F",
"versionStartIncluding": "3.39.2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote() function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities."
},
{
"lang": "es",
"value": "En las versiones de PHP 8.0.* anteriores a 8.0.27, 8.1.* anteriores a 8.1.15, 8.2.* anteriores a 8.2.2, cuando se usa la funci\u00f3n PDO::quote() para citar datos proporcionados por el usuario para SQLite, proporcionar una cadena demasiado larga puede provocar que el controlador cite incorrectamente los datos, lo que puede generar vulnerabilidades de inyecci\u00f3n SQL."
}
],
"id": "CVE-2022-31631",
"lastModified": "2025-07-02T21:35:56.150",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "security@php.net",
"type": "Secondary"
}
]
},
"published": "2025-02-12T22:15:29.007",
"references": [
{
"source": "security@php.net",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=81740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20230223-0007/"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=81740"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "security@php.net",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-10 04:06
Modified
2025-04-09 00:30
Severity ?
Summary
Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by the underlying system, as demonstrated by symlinking a symlink into a subdirectory, to point to a parent directory via .. (dot dot) sequences, and then unlinking the resulting symlink.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 4.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C85C56B-D27F-433F-A268-34463619B183",
"versionEndIncluding": "5.1.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "419867C6-37BE-43B4-BFE0-6325FEE3807D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "37896E87-95C2-4039-8362-BC03B1C56706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8667FBC6-04B6-40E5-93B3-6C22BEED4B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC6A6F47-5C7C-4F82-B23B-9C959C69B27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE1A4DA6-6181-43A8-B0D8-5A016C3E75FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6E36203C-1392-49BB-AE7E-49626963D673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2:*:dev:*:*:*:*:*",
"matchCriteriaId": "BBA861A2-F0CD-4DBB-B43A-4970EB114DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E3797AB5-9E49-4251-A212-B6E5D9996764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by the underlying system, as demonstrated by symlinking a symlink into a subdirectory, to point to a parent directory via .. (dot dot) sequences, and then unlinking the resulting symlink."
},
{
"lang": "es",
"value": "Condici\u00f3n de carrera en la funci\u00f3n symlink en PHP 5.1.6 y anteriores permite a usuarios locales evitar la restricci\u00f3n open_basedir usando una combinaci\u00f3n de las funciones symlink, mkdir, y unlink para cambiar la ruta de archivo tras la comprobaci\u00f3n de open_basedir y antes de que el archivo es abierto por el sistema subyacente, como ha sido demostrado enlazando simb\u00f3licamente un enlace simb\u00f3lico dentro de un subdirectorio, para que apunte a un directorio padre mediante secuencias .. (punto punto), y entonces desenlazar el enlace simb\u00f3lico resultante."
}
],
"id": "CVE-2006-5178",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-10T04:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049850.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22235"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22424"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1692"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securitytracker.com/id?1016977"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.hardened-php.net/advisory_082006.132.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:185"
},
{
"source": "cve@mitre.org",
"url": "http://www.neosecurityteam.net/index.php?action=advisories\u0026id=26"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/447649/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/448020/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/448953/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/20326"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/3901"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049850.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securitytracker.com/id?1016977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.hardened-php.net/advisory_082006.132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.neosecurityteam.net/index.php?action=advisories\u0026id=26"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447649/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/448020/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/448953/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/20326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/3901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29340"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "We do not consider these to be security issues. For more details see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1\nand http://www.php.net/security-note.php",
"lastModified": "2006-12-04T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-05-07 23:00
Modified
2025-04-11 00:51
Severity ?
Summary
The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by calling these functions with an empty SQL query, which triggers access of uninitialized memory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by calling these functions with an empty SQL query, which triggers access of uninitialized memory."
},
{
"lang": "es",
"value": "Las funciones (1) sqlite_single_query y (2) sqlite_array_query en ext/sqlite/sqlite.c en PHP v5.2 hasta v5.2.13 y 5.3 hasta v5.3.2 permiten a atacantes, dependiendo del contexto, ejecutar c\u00f3digo de su elecci\u00f3n mediante las llamadas es estas funciones con una \u00e8tici\u00f3n SQL vac\u00eda, lo que provoca accesos a memoria no inicializada."
}
],
"id": "CVE-2010-1868",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-05-07T23:00:01.920",
"references": [
{
"source": "cve@mitre.org",
"url": "http://php-security.org/2010/05/07/mops-2010-012-php-sqlite_single_query-uninitialized-memory-usage-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://php-security.org/2010/05/07/mops-2010-013-php-sqlite_array_query-uninitialized-memory-usage-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/07/mops-submission-03-sqlite_single_query-sqlite_array_query-uninitialized-memory-usage/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://php-security.org/2010/05/07/mops-2010-012-php-sqlite_single_query-uninitialized-memory-usage-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://php-security.org/2010/05/07/mops-2010-013-php-sqlite_array_query-uninitialized-memory-usage-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/07/mops-submission-03-sqlite_single_query-sqlite_array_query-uninitialized-memory-usage/index.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-11 06:15
Modified
2025-02-13 17:16
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appropriate function. However, since the state is process-global, other modules - such as ImageMagick - may also use this library within the same process, and change that global state for their internal purposes, and leave it in a state where external entities loading is enabled. This can lead to the situation where external XML is parsed with external entities loaded, which can lead to disclosure of any local files accessible to PHP. This vulnerable state may persist in the same process across many requests, until the process is shut down.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| fedoraproject | fedora | 38 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C516377E-EAA8-4534-B0B8-4BF7A664DDFD",
"versionEndExcluding": "8.0.30",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA6AD3E-CB35-4AF2-86E9-3BC831728058",
"versionEndExcluding": "8.1.22",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75AD1BDB-02D7-4727-8F08-8E1F794DB842",
"versionEndExcluding": "8.2.9",
"versionStartIncluding": "8.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling appropriate function. However, since the state is process-global, other modules - such as\u00a0ImageMagick - may also use this library within the same process, and change that global state for their internal purposes, and leave it in a state where external entities loading is enabled. This can lead to the situation where external XML is parsed with external entities loaded, which can lead to disclosure of any local files accessible to PHP. This vulnerable state may persist in the same process across many requests, until the process is shut down."
},
{
"lang": "es",
"value": "En las versiones de PHP 8.0.* antes de la 8.0.30, 8.1.* antes de la 8.1.22, y 8.2.* antes de la 8.2.8 varias funciones XML se basan en el estado global de libxml para rastrear variables de configuraci\u00f3n, como si las entidades externas est\u00e1n cargadas. Se asume que este estado no cambia a menos que el usuario lo cambie expl\u00edcitamente llamando a la funci\u00f3n apropiada. Sin embargo, dado que el estado es global del proceso, otros m\u00f3dulos - como ImageMagick - pueden tambi\u00e9n usar esta librer\u00eda dentro del mismo proceso, y cambiar ese estado global para sus prop\u00f3sitos internos, y dejarlo en un estado en el que la carga de entidades externas est\u00e9 habilitada. Esto puede llevar a la situaci\u00f3n donde XML externo es analizado con entidades externas cargadas, lo que puede llevar a la divulgaci\u00f3n de cualquier archivo local accesible a PHP. Este estado vulnerable puede persistir en el mismo proceso a trav\u00e9s de muchas peticiones, hasta que el proceso sea cerrado."
}
],
"id": "CVE-2023-3823",
"lastModified": "2025-02-13T17:16:59.300",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"source": "security@php.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-11T06:15:09.283",
"references": [
{
"source": "security@php.net",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/security/advisories/GHSA-3qrf-m4j2-pcrr"
},
{
"source": "security@php.net",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00002.html"
},
{
"source": "security@php.net",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7NBF77WN6DTVTY2RE73IGPYD6M4PIAWA/"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20230825-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/security/advisories/GHSA-3qrf-m4j2-pcrr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7NBF77WN6DTVTY2RE73IGPYD6M4PIAWA/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20230825-0001/"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "241DD577-6407-4390-A992-61972240FE0E",
"versionEndIncluding": "4.3.9",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6578037E-94D3-4531-ABDD-E09A9D96D6D2",
"versionEndIncluding": "5.0.2",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "778A6957-455B-420A-BAAF-E7F88FF4FB1E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion."
},
{
"lang": "es",
"value": "** RECHAZADA ** No usar este n\u00famero de candidata."
}
],
"id": "CVE-2004-1063",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000915"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-14.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.hardened-php.net/advisories/012004.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:151"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:072"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/12412"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.php.net/release_4_3_10.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/advisories/9028"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/384545"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/11964"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18511"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.ubuntu.com/usn/usn-99-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200412-14.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.hardened-php.net/advisories/012004.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:151"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/12412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.php.net/release_4_3_10.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/advisories/9028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/384545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/11964"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.ubuntu.com/usn/usn-99-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "We do not consider safe_mode / open_basedir restriction bypass issues being security sensitive. For more details see http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1 and http://www.php.net/security-note.php",
"lastModified": "2008-10-30T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7883E465-932D-4C11-AA54-97E44181F906",
"versionEndIncluding": "10.10.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D712E27-BB9C-4626-BFD2-12E50F9C2FD4",
"versionEndIncluding": "5.4.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.39:*:*:*:*:*:*:*",
"matchCriteriaId": "14D652D3-59BB-4BCA-95E4-87A8102154CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AC63A449-5D92-4F5F-8186-B58FFFBA54FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F18236F6-2065-4A6A-93E7-FD90E650C689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFBA84A-A4E4-438B-B9B5-8549809DCECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "146D3DC9-50F4-430B-B321-68ECE78879A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5A7CA6-7653-46C5-8DF7-95584BF7A879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "59A42F02-F363-4C13-BE83-19F757B84455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D06BF4CE-299F-42E4-BA0A-5D68788C92DF",
"versionEndIncluding": "7.5.3.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7A498A-A669-4C42-8134-86103C799D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
"matchCriteriaId": "104DA87B-DEE4-4262-AE50-8E6BC43B228B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome."
},
{
"lang": "es",
"value": "Vulnerabilidad de complejidad algor\u00edtmica en la funci\u00f3n multipart_buffer_headers en main/rfc1867.c en PHP anterior a 5.4.41, 5.5.x anterior a 5.5.25, y 5.6.x anterior a 5.6.9 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de CPU) a trav\u00e9s de datos de formularios manipulados que provocan un resultado de orden de crecimiento incorrecto."
}
],
"id": "CVE-2015-4024",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-09T18:59:06.770",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/74903"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032432"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugs.php.net/bug.php?id=69364"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/kb/HT205031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://bugs.php.net/bug.php?id=69364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT205031"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-24 21:59
Modified
2025-04-20 01:37
Severity ?
Summary
The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C2D8FE-C380-4B43-B634-A3DBA4700A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB58393-0C10-413C-8D95-6BAA8BC19A1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "751F51CA-9D88-4971-A6EC-8C0B72E8E22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "37B74118-8FC2-44CB-9673-A83DF777B2E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4D56A200-1477-40DA-9444-CFC946157C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0D1CCC-A857-4C15-899E-08F9255CEE34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6745CC43-2836-4CD8-848F-EEA08AE9D5AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "7BEB6696-14F9-4D9B-9974-B682FFBB828E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "04146390-021D-4147-9830-9EAA90D120A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C68AA43-ED90-4B98-A5F8-4E210C2CC7CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call."
},
{
"lang": "es",
"value": "La funci\u00f3n php_wddx_pop_element en ext/wddx/wddx.c en PHP 7.0.x en versiones anteriores a 7.0.15 y 7.1.x en versiones anteriores a 7.1.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un nombre de clase inaplicable en un documento XML wddxPacket, esto lleva a un mal manejo en una llamada la wddx_deserialize."
}
],
"id": "CVE-2016-10162",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-24T21:59:00.307",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/95668"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1037659"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugs.php.net/bug.php?id=73831"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/commit/8d2539fa0faf3f63e1d1e7635347c5b9e777d47b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugs.php.net/bug.php?id=73831"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/commit/8d2539fa0faf3f63e1d1e7635347c5b9e777d47b"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-28 00:19
Modified
2025-04-09 00:30
Severity ?
Summary
The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ ('\0') byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases when the trailing contents of e-mail messages are important, such as logging information or if the message is expected to be well-formed.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 4.4.5 | |
| php | php | 4.4.6 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8212495A-0F2A-4787-93F2-F6618F9A777B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "C6F0F8FC-C57A-4AEA-A59F-41140347318A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "419867C6-37BE-43B4-BFE0-6325FEE3807D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "37896E87-95C2-4039-8362-BC03B1C56706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8667FBC6-04B6-40E5-93B3-6C22BEED4B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:patch1:*:*:*:*:*:*",
"matchCriteriaId": "9B8B3138-3DCC-4682-B9A8-920E1110700D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC6A6F47-5C7C-4F82-B23B-9C959C69B27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE1A4DA6-6181-43A8-B0D8-5A016C3E75FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6E36203C-1392-49BB-AE7E-49626963D673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2:*:dev:*:*:*:*:*",
"matchCriteriaId": "BBA861A2-F0CD-4DBB-B43A-4970EB114DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2AF1D9-33B6-4B2C-9269-426B6B720164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84B70263-37AA-4539-A286-12038A3792C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E3797AB5-9E49-4251-A212-B6E5D9996764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ (\u0027\\0\u0027) byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases when the trailing contents of e-mail messages are important, such as logging information or if the message is expected to be well-formed."
},
{
"lang": "es",
"value": "La funci\u00f3n mail en PHP 4.0.0 hasta 4.4.6 y 5.0.0 hasta 5.2.1 trunca los mensajes de correo electr\u00f3nico en el primer byte ASCIIZ (\u0027\\0\u0027), lo cual podr\u00eda permitir a atacantes dependientes de contexto evitar que cierta informaci\u00f3n del correo electr\u00f3nico sea entregada. NOTA: este asunto podr\u00eda ser relevante a la seguridad en casos donde el rastro de los contenidos de mensajes de correo electr\u00f3nico es importante, como informaci\u00f3n de inicio de sesi\u00f3n o si del mensaje se espera que est\u00e9 bien formado."
}
],
"id": "CVE-2007-1717",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-28T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25056"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25445"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26235"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"source": "cve@mitre.org",
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"source": "cve@mitre.org",
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.php-security.org/MOPB/MOPB-33-2007.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23146"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25159"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.php-security.org/MOPB/MOPB-33-2007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33518"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "This issue has no security impact.",
"lastModified": "2007-05-04T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-18 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 1.0 | |
| php | php | 2.0 | |
| php | php | 2.0b10 | |
| php | php | 3.0 | |
| php | php | 3.0.1 | |
| php | php | 3.0.2 | |
| php | php | 3.0.3 | |
| php | php | 3.0.4 | |
| php | php | 3.0.5 | |
| php | php | 3.0.6 | |
| php | php | 3.0.7 | |
| php | php | 3.0.8 | |
| php | php | 3.0.9 | |
| php | php | 3.0.10 | |
| php | php | 3.0.11 | |
| php | php | 3.0.12 | |
| php | php | 3.0.13 | |
| php | php | 3.0.14 | |
| php | php | 3.0.15 | |
| php | php | 3.0.16 | |
| php | php | 3.0.17 | |
| php | php | 3.0.18 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 4.4.5 | |
| php | php | 4.4.6 | |
| php | php | 4.4.7 | |
| php | php | 4.4.8 | |
| php | php | 4.4.9 | |
| php | php | 5.3.0 | |
| php | php | 5.3.1 | |
| php | php | 5.3.2 | |
| php | php | 5.3.3 | |
| php | php | 5.3.4 | |
| php | php | 5.3.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01ECE592-FB2E-4614-A1B7-24C5B729BF6A",
"versionEndIncluding": "5.3.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92647629-083F-4042-8365-4AD2EBC9C1BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF72E8D5-9F8C-4BD4-9AA4-28E23CB48A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*",
"matchCriteriaId": "83BE1120-6370-4470-8586-6581EDF3FD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245C601D-0FE7-47E3-8304-6FF45E9567D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691BB8BB-329A-4640-B758-7590C99B5E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC4CCE-2774-463E-82EA-36CD442D3A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C478024C-2FCD-463F-A75E-E04660AA9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BD99C0-E875-496E-BE5E-A8DCBD414B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1851ADE5-C70C-46E0-941A-6ADF7DB5C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69DA3BA2-AF53-4C9D-93FA-0317841595B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67B59D6A-7EDA-4C34-81D6-C2557C85D164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBA40B6-8FDF-41AA-8166-F491FF7F3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E2B72-A428-4BB3-B6F8-0AF5E487A807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "945FF149-3446-4905-BCA1-C397E3497B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8E446DBD-FEFA-4D22-9C9D-51F61C01E414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8DE728-78E1-4F9F-BC56-CD9B10E61287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "80E31CC6-9356-4BB7-9F49-320AAF341E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB8AD3A-9181-459A-9AF2-B3FC6BAF6FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3E7199-8FB7-4930-9C0A-A36A698940B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2AF1D9-33B6-4B2C-9269-426B6B720164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84B70263-37AA-4539-A286-12038A3792C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E46E4B4-808C-4B47-81D9-EC2B02A5E57B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF30D7F-353B-4496-9A89-4EF2BB279E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DD97DF34-35AB-4979-96E2-B23DC8556A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F40E4A-E125-4099-A8B3-D42614AA9312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4933D9DD-A630-4A3D-9D13-9E182F5F6F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E6D530-91FC-42F4-A427-6601238E0187",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de la liberaci\u00f3n en la funci\u00f3n substr_replace en PHP v5.3.6 y anteriores, permite a atacantes remotos producir una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o posiblemente tener otro impacto utilizando la misma variable para m\u00faltiples argumentos."
}
],
"id": "CVE-2011-1148",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-03-18T15:55:01.227",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://bugs.php.net/bug.php?id=54238"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2011/03/13/2"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2011/03/13/3"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2011/03/13/9"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5130"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:165"
},
{
"source": "secalert@redhat.com",
"url": "http://www.php.net/ChangeLog-5.php#5.3.7"
},
{
"source": "secalert@redhat.com",
"url": "http://www.php.net/archive/2011.php#id2011-08-18-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1423.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/46843"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/49241"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.php.net/bug.php?id=54238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/13/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/13/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/03/13/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php#5.3.7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/archive/2011.php#id2011-08-18-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1423.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/49241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66080"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-04-01 04:15
Modified
2024-11-21 05:36
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| debian | debian_linux | 10.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 | |
| canonical | ubuntu_linux | 20.04 | |
| tenable | tenable.sc | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF918F4-EEAF-4F96-A49A-D367D549C52B",
"versionEndExcluding": "7.3.16",
"versionStartIncluding": "7.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F809DF30-2CCC-4E3D-819B-75E5E0827E45",
"versionEndExcluding": "7.4.4",
"versionStartIncluding": "7.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41DBA7C7-8084-45F6-B59D-13A9022C34DF",
"versionEndExcluding": "5.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution."
},
{
"lang": "es",
"value": "En PHP versiones 7.3.x por debajo de 7.3.16 y versiones 7.4.x por debajo de 7.4.4, mientras se usa la funci\u00f3n mb_strtolower() con codificaci\u00f3n UTF-32LE, determinadas cadenas no comprobadas pueden causar que PHP sobrescriba el b\u00fafer asignado de la pila. Esto podr\u00eda conllevar a una corrupci\u00f3n de la memoria, bloqueos y potencialmente a una ejecuci\u00f3n de c\u00f3digo."
}
],
"id": "CVE-2020-7065",
"lastModified": "2024-11-21T05:36:36.200",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "security@php.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-01T04:15:13.943",
"references": [
{
"source": "security@php.net",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=79371"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200403-0001/"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4330-1/"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4330-2/"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4719"
},
{
"source": "security@php.net",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"source": "security@php.net",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.php.net/ChangeLog-7.php#7.4.4"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=79371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20200403-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4330-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4330-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.php.net/ChangeLog-7.php#7.4.4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2021-14"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "security@php.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted TAR archive that is mishandled in a Phar::convertToData call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 | |
| php | php | 5.5.16 | |
| php | php | 5.5.17 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.5.23 | |
| php | php | 5.5.24 | |
| php | php | 5.5.25 | |
| php | php | 5.5.26 | |
| php | php | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "840EE3AC-5293-4F33-9E2C-96A0A2534B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0FC407-96DB-425E-BB57-7A5BA839C37F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AC63A449-5D92-4F5F-8186-B58FFFBA54FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F18236F6-2065-4A6A-93E7-FD90E650C689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFBA84A-A4E4-438B-B9B5-8549809DCECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "146D3DC9-50F4-430B-B321-68ECE78879A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5A7CA6-7653-46C5-8DF7-95584BF7A879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "59A42F02-F363-4C13-BE83-19F757B84455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.25:*:*:*:*:*:*:*",
"matchCriteriaId": "423ECD5F-5611-4D9A-8BE8-E4DC1527AF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.26:*:*:*:*:*:*:*",
"matchCriteriaId": "44FE4648-22C5-44A6-A6DF-8B235EB7DEF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3E9AE25-4513-4EDA-863B-EBC4B955539D",
"versionEndIncluding": "5.4.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted TAR archive that is mishandled in a Phar::convertToData call."
},
{
"lang": "es",
"value": "La funci\u00f3n phar_convert_to_other en ext/phar_objetc.c en PHP en versiones anteriores a 5.4.43, 5.5.x en versiones anteriores a 5.5.27 y 5.6.x en versiones anteriores a 5.6.11 no valida un apuntador de archivo antes de una operaci\u00f3n de cierre, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n) o tener un posible impacto no especificado a trav\u00e9s de un archivo TAR manipulado que no es correctamente manejado en una llamada Phar::convertToData."
}
],
"id": "CVE-2015-5589",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-16T10:59:17.473",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=bf58162ddf970f63502837f366930e44d6a992cf"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2015/07/18/1"
},
{
"source": "cve@mitre.org",
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3344"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75974"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.php.net/bug.php?id=69958"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=bf58162ddf970f63502837f366930e44d6a992cf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2015/07/18/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.php.net/bug.php?id=69958"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-09-16 15:29
Modified
2024-11-21 03:53
Severity ?
Summary
The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| php | php | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| netapp | storage_automation_store | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9248490-9A20-4460-B86A-24C93003E4F8",
"versionEndExcluding": "5.6.38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10CEAD5B-EBF6-4F97-8FF5-9A6F7EE4ED63",
"versionEndExcluding": "7.0.32",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5EC8503-F23F-41D8-9C11-E19A5326C23B",
"versionEndExcluding": "7.1.22",
"versionStartIncluding": "7.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "328F266C-29A2-458B-8B2F-B83C65EB22BB",
"versionEndExcluding": "7.2.10",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7A6697-98CC-4E36-93DB-B7160F8399F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a \"Transfer-Encoding: chunked\" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c."
},
{
"lang": "es",
"value": "El componente Apache2 en PHP en versiones anteriores a la 5.6.38, versiones 7.0.x anteriores a la 7.0.32, versiones 7.1.x anteriores a la 7.1.22 y versiones 7.2.x anteriores a la 7.2.10 permite Cross-Site Scripting (XSS) mediante el cuerpo de una petici\u00f3n \"Transfer-Encoding: chunked\". Esto se debe a que bucket brigade se gestiona de manera incorrecta en la funci\u00f3n php_handler en sapi apache2handler sapi_apache2.c."
}
],
"id": "CVE-2018-17082",
"lastModified": "2024-11-21T03:53:50.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-16T15:29:00.253",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=76582"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00020.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201812-01"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180924-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4353"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/security/tns-2019-07"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=76582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201812-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180924-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4353"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/tns-2019-07"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-13 15:04
Modified
2025-04-11 00:51
Severity ?
Summary
Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 | |
| php | php | 5.2.2 | |
| php | php | 5.2.3 | |
| php | php | 5.2.4 | |
| php | php | 5.2.5 | |
| php | php | 5.2.6 | |
| php | php | 5.2.7 | |
| php | php | 5.2.8 | |
| php | php | 5.2.9 | |
| php | php | 5.2.10 | |
| php | php | 5.2.11 | |
| php | php | 5.2.12 | |
| php | php | 5.2.13 | |
| php | php | 5.2.14 | |
| php | php | 5.2.15 | |
| php | php | 5.2.16 | |
| php | php | 5.2.17 | |
| php | php | 5.3.0 | |
| php | php | 5.3.1 | |
| php | php | 5.3.2 | |
| php | php | 5.3.3 | |
| php | php | 5.3.4 | |
| php | php | 5.3.5 | |
| php | php | 5.3.6 | |
| php | php | 5.3.7 | |
| php | php | 5.3.8 | |
| php | php | 5.3.9 | |
| php | php | 5.3.10 | |
| php | php | 5.3.11 | |
| php | php | 5.3.12 | |
| php | php | 5.3.13 | |
| php | php | 5.3.14 | |
| php | php | 5.3.15 | |
| php | php | 5.3.16 | |
| php | php | 5.3.17 | |
| php | php | 5.3.18 | |
| php | php | 5.3.19 | |
| php | php | 5.3.20 | |
| php | php | 5.3.21 | |
| php | php | 5.3.22 | |
| php | php | 5.3.23 | |
| php | php | 5.3.24 | |
| php | php | 5.3.25 | |
| php | php | 5.3.26 | |
| php | php | 5.3.27 | |
| php | php | 5.4.0 | |
| php | php | 5.4.1 | |
| php | php | 5.4.2 | |
| php | php | 5.4.3 | |
| php | php | 5.4.4 | |
| php | php | 5.4.5 | |
| php | php | 5.4.6 | |
| php | php | 5.4.7 | |
| php | php | 5.4.8 | |
| php | php | 5.4.9 | |
| php | php | 5.4.10 | |
| php | php | 5.4.11 | |
| php | php | 5.4.12 | |
| php | php | 5.4.12 | |
| php | php | 5.4.12 | |
| php | php | 5.4.13 | |
| php | php | 5.4.13 | |
| php | php | 5.4.14 | |
| php | php | 5.4.14 | |
| php | php | 5.4.15 | |
| php | php | 5.4.16 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "606D51F5-EF88-4016-A3FA-660224117DB8",
"versionEndIncluding": "5.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "95D48A71-B84E-4B6C-9603-B3373052E568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CAAB7D55-F155-43F9-A563-F2E35CFFEF26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "72243A3F-6BFD-472B-9EA4-82BE4253ED27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "E415CC22-09CA-47D2-9F1A-0BCA8960835B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F40E4A-E125-4099-A8B3-D42614AA9312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4933D9DD-A630-4A3D-9D13-9E182F5F6F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E6D530-91FC-42F4-A427-6601238E0187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC938DB-E066-407F-BDF8-61A1C41136F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDF768D-7F5A-4042-B7DD-398F65F3F094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF35BB6-C6B1-4683-A8BE-AA72CC34F5B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC3F1891-032D-409C-904C-A415D2323DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4B13826D-06B2-4A46-AB24-092F6935958D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1B6528FC-51BE-4E30-B282-D9841553BA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "66CF9452-6225-4726-822B-C7CD620A1D6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A953FF53-1106-42D3-BE4A-4F27C7C42F52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "D4D2F015-A38D-43C6-ADC6-A0EFCE150071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "75A8FF8E-A26A-45AD-BD91-9B4822581CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "5F27C2F9-73BE-46EF-B5ED-8D407D22D12E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "EB212796-B71B-4F6B-9156-9C5178FF0931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBCD79D-3821-4538-B6F1-49F51E5983E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "B66E709F-E34E-4744-8970-0F70F95A8761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D20691D0-3102-4E82-BED9-9E7B67F9F778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "6DA7831F-5F53-4A29-9AB1-913EBD095589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F798EC96-FC60-47BA-AE27-8C2261D9E5D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "633BEAF3-C73C-48FC-B623-375B9F79C93D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.24:*:*:*:*:*:*:*",
"matchCriteriaId": "965BB50E-7675-43A7-B074-98BCB1EBA311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.25:*:*:*:*:*:*:*",
"matchCriteriaId": "B52F6124-1C8E-4568-BACF-A463064DA48E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.26:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA2F96C-A676-4F13-8E41-600461338B1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.27:*:*:*:*:*:*:*",
"matchCriteriaId": "E0FE5746-FA0B-493A-B3A9-DE2A153C5ECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E7B9B8D2-78B7-4B17-955B-741C7A6F6634",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CA2A940-BD69-4D35-AF12-432CB929248B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29BD13F9-86C8-44C4-A860-9A87870A518E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1B361FDE-9F6A-4E9A-96F1-619DC56EECB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3DBD9E7B-1237-47A8-8A07-5CC5246A9C5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6F2BB41E-2096-4291-B0ED-06825FDFE8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "52BA94F7-1AF9-415C-AC21-30BC25C74C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A739A0-698A-422B-886B-430A79F6E945",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "086E0D24-A43E-4CEA-9FB0-FE193B88CC31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC8D0963-8CA5-4814-9B6D-4E1C3907737B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "77A4B7E0-C872-4E53-AD72-1BB2755E4FDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EECCD553-53D5-485E-8C21-E2A5070833B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "95357C79-A754-4E0C-B65B-0FA241962B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "25EAF9A9-F7A1-4AC7-BCFD-769BE0FDB537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.12:rc2:*:*:*:*:*:*",
"matchCriteriaId": "74EA8037-7C22-48B3-9FA2-4BFFFFD513D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C8D1254E-0C72-4958-BA7F-5B818C3ACB15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "92994FFC-F362-48AC-9CA8-8EBCAC880C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "21131DF1-1EE5-4C84-B1E0-FA75BC39B344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.14:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0B23F85D-465B-4176-9798-E78AADE421EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "ADEE52B4-8392-4321-8C00-FABA6270E728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.16:rc1:*:*:*:*:*:*",
"matchCriteriaId": "57D74F58-DB3A-4A70-93CF-B350DB65EF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID."
},
{
"lang": "es",
"value": "Vulnerabilidad de fijaci\u00f3n de sesi\u00f3n en el subsistema Sessions en PHP anterior a v5.5.2 permite a atacantes remotos secuestrar sesiones web especificando un ID de sesi\u00f3n."
}
],
"id": "CVE-2011-4718",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-08-13T15:04:18.497",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=169b78eb79b0e080b67f9798708eb3771c6d0b2f"
},
{
"source": "cve@mitre.org",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=25e8fcc88fa20dc9d4c47184471003f436927cde"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.php.net/bug.php?id=60491"
},
{
"source": "cve@mitre.org",
"url": "https://wiki.php.net/rfc/strict_sessions"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=169b78eb79b0e080b67f9798708eb3771c6d0b2f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=25e8fcc88fa20dc9d4c47184471003f436927cde"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.php.net/bug.php?id=60491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://wiki.php.net/rfc/strict_sessions"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-28 06:15
Modified
2024-11-21 07:04
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@php.net | https://bugs.php.net/bug.php?id=81723 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| security@php.net | https://security.gentoo.org/glsa/202209-20 | Third Party Advisory | |
| security@php.net | https://security.netapp.com/advisory/ntap-20220826-0008/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.php.net/bug.php?id=81723 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202209-20 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20220826-0008/ | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CCF7DA6-AFFF-4CF6-B30C-6A44979254A9",
"versionEndExcluding": "8.1.8",
"versionStartIncluding": "8.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption."
},
{
"lang": "es",
"value": "En PHP versiones 8.1.x anteriores a 8.1.8, cuando las funciones fileinfo, como finfo_buffer, debido a un parche incorrecto aplicado al c\u00f3digo de terceros de libmagic, puede usarse una funci\u00f3n incorrecta para liberar la memoria asignada, lo que puede conllevar a una corrupci\u00f3n de la pila"
}
],
"id": "CVE-2022-31627",
"lastModified": "2024-11-21T07:04:53.160",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.5,
"source": "security@php.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-28T06:15:07.547",
"references": [
{
"source": "security@php.net",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.php.net/bug.php?id=81723"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202209-20"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220826-0008/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.php.net/bug.php?id=81723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202209-20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220826-0008/"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-590"
}
],
"source": "security@php.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count."
}
],
"id": "CVE-2005-1042",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.33\u0026r2=1.118.2.34\u0026ty=u"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:072"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-405.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2005-406.html"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154021"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10822"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/112-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.33\u0026r2=1.118.2.34\u0026ty=u"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-405.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-406.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/112-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-11-25 20:29
Modified
2024-11-21 03:58
Severity ?
Summary
An issue was discovered in SDCMS 1.6 with PHP 5.x. app/admin/controller/themecontroller.php uses a check_bad function in an attempt to block certain PHP functions such as eval, but does not prevent use of preg_replace 'e' calls, allowing users to execute arbitrary code by leveraging access to admin template management.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.whiterabbitxyj.com/cve/SDCMS_1.6_code_execution.doc | Exploit, Third Party Advisory | |
| cve@mitre.org | https://github.com/WhiteRabbitc/WhiteRabbitc.github.io/blob/master/cve/SDCMS_1.6_code_execution.doc | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.whiterabbitxyj.com/cve/SDCMS_1.6_code_execution.doc | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/WhiteRabbitc/WhiteRabbitc.github.io/blob/master/cve/SDCMS_1.6_code_execution.doc | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sdcms:sdcms:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE54E68-0245-45D8-81B4-93B570EB54CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B72E639E-7258-4078-9B7B-1BD0F8A65531",
"versionEndIncluding": "5.6.38",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in SDCMS 1.6 with PHP 5.x. app/admin/controller/themecontroller.php uses a check_bad function in an attempt to block certain PHP functions such as eval, but does not prevent use of preg_replace \u0027e\u0027 calls, allowing users to execute arbitrary code by leveraging access to admin template management."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en la versi\u00f3n 1.6 de SDCMS con PHP 5.x. app/admin/controller/themecontroller.php utiliza una funci\u00f3n check_bad para intentar bloquear determinadas funciones PHP, como puede ser eval, pero no previene la utilizaci\u00f3n de llamadas preg_replace \u0027e\u0027, lo que permite que los usuarios ejecuten c\u00f3digo arbitrario, aprovechando el acceso a la gesti\u00f3n de plantillas de administraci\u00f3n."
}
],
"id": "CVE-2018-19520",
"lastModified": "2024-11-21T03:58:05.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-25T20:29:00.337",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.whiterabbitxyj.com/cve/SDCMS_1.6_code_execution.doc"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/WhiteRabbitc/WhiteRabbitc.github.io/blob/master/cve/SDCMS_1.6_code_execution.doc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://blog.whiterabbitxyj.com/cve/SDCMS_1.6_code_execution.doc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/WhiteRabbitc/WhiteRabbitc.github.io/blob/master/cve/SDCMS_1.6_code_execution.doc"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-14 18:17
Modified
2025-04-09 00:30
Severity ?
Summary
ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by reading arbitrary files via the ioncube_read_file function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ioncube | php_encoder | 6.5 | |
| php | php | 5.2.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ioncube:php_encoder:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9702E5-6D90-4F8C-8594-EF07315B1103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by reading arbitrary files via the ioncube_read_file function."
},
{
"lang": "es",
"value": "ioncube_loader_win_5.2.dll en la extensi\u00f3n ionCube Loader 6.5 para PHP 5.2.4 no sigue las restricciones safe_mode y disable_functions, lo cual permite a atacantes locales o remotos (dependiendo del contexto) evitar las limitaciones pretendidas, como se ha demostrado leyendo archivos de su elecci\u00f3n mediante la funci\u00f3n ioncube_read_file."
}
],
"id": "CVE-2007-5447",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-14T18:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/41708"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27178"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26024"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37227"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/4517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/41708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37227"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/4517"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-22 06:15
Modified
2025-07-02 20:08
Severity ?
Summary
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@php.net | https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20250110-0009/ | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE6E1B68-3EB9-4C67-97A6-226EA02CC2EA",
"versionEndExcluding": "8.1.31",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C160D91A-CF97-4DD1-A34F-8B8C852B3CEC",
"versionEndExcluding": "8.2.26",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35B1BA7F-0EAE-4F40-ACA4-EBC5D63F609A",
"versionEndExcluding": "8.3.14",
"versionStartIncluding": "8.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*",
"matchCriteriaId": "A20333EE-4C13-426E-8B54-D78679D5DDB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape()\u00a0function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write."
},
{
"lang": "es",
"value": "En las versiones de PHP 8.1.* anteriores a 8.1.31, 8.2.* anteriores a 8.2.26, 8.3.* anteriores a 8.3.14, las entradas de cadenas largas no controladas a la funci\u00f3n ldap_escape() en sistemas de 32 bits pueden causar un desbordamiento de enteros, lo que resulta en una escritura fuera de los l\u00edmites."
}
],
"id": "CVE-2024-8932",
"lastModified": "2025-07-02T20:08:35.010",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security@php.net",
"type": "Secondary"
}
]
},
"published": "2024-11-22T06:15:20.197",
"references": [
{
"source": "security@php.net",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20250110-0009/"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "security@php.net",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-19 05:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collator_sort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging the relationships between a key buffer and a destroyed array.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collator_sort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging the relationships between a key buffer and a destroyed array."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en la funci\u00f3n Collator::sortWithSortKeys en ext/intl/collator/collator_sort.c en PHP 7.x en versiones anteriores a 7.0.1 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente tener otro impacto no especificado mediante el aprovechamiento de la relaci\u00f3n entre un buffer de claves y un array destruido."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2015-8616",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-19T05:59:06.623",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=71020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=71020"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-20 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.6.11 | |
| php | php | 5.6.12 | |
| php | php | 5.6.13 | |
| php | php | 5.6.14 | |
| php | php | 5.6.15 | |
| php | php | 5.6.16 | |
| php | php | 5.6.17 | |
| php | php | 5.6.18 | |
| php | php | 5.6.19 | |
| php | php | 7.0.0 | |
| php | php | 7.0.1 | |
| php | php | 7.0.2 | |
| php | php | 7.0.3 | |
| php | php | 7.0.4 | |
| apple | mac_os_x | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24CEC772-B44E-4CDC-94C5-0793FC90E173",
"versionEndIncluding": "5.5.33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "725BBA4E-B3BA-4AFA-A284-E0CDE3EC8FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F7793408-66A2-4DE7-B5AA-E49E8A2EE043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "95840EC0-512D-468D-99B0-17E8CFDD6BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E1078D15-8073-4C04-82C2-3C8111E18B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2E5E0C-8DD7-4CF8-A7E7-28ED0FD8B0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6EE9E4-9D6E-4CCC-B116-6020DA6884BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A23E37-8B94-440A-8014-389AC5389A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40347FFA-6649-4B77-A252-728945507D43",
"versionEndIncluding": "10.11.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file."
},
{
"lang": "es",
"value": "La funci\u00f3n file_check_mem en funcs.c en file en versiones anteriores a 5.23, c\u00f3mo se utiliza en el componente Fileinfo en PHP en versiones anteriores a 5.5.34, 5.6.x en versiones anteriores a 5.6.20, y 7.x en versiones anteriores a 7.0.5, no maneja correctamente saltos de continuaci\u00f3n de nivel, lo que permite a atacantes dependientes del contexto causar una denegaci\u00f3n de servicio (desbordamiento de buffer y ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo m\u00e1gico manipulado."
}
],
"id": "CVE-2015-8865",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-20T10:59:00.137",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gw.com/view.php?id=522"
},
{
"source": "cve@mitre.org",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fe13566c93f118a15a96320a546c7878fd0cfc5e"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3560"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2016/04/24/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/85802"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2952-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2952-2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=71527"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36"
},
{
"source": "cve@mitre.org",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201701-42"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/HT206567"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3686-1/"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3686-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gw.com/view.php?id=522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fe13566c93f118a15a96320a546c7878fd0cfc5e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3560"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/04/24/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/85802"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2952-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2952-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=71527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-42"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT206567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3686-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3686-2/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-11-01 12:47
Modified
2025-04-03 01:03
Severity ?
Summary
Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 3.0 | |
| php | php | 3.0.1 | |
| php | php | 3.0.2 | |
| php | php | 3.0.3 | |
| php | php | 3.0.4 | |
| php | php | 3.0.5 | |
| php | php | 3.0.6 | |
| php | php | 3.0.7 | |
| php | php | 3.0.8 | |
| php | php | 3.0.9 | |
| php | php | 3.0.10 | |
| php | php | 3.0.11 | |
| php | php | 3.0.12 | |
| php | php | 3.0.13 | |
| php | php | 3.0.14 | |
| php | php | 3.0.15 | |
| php | php | 3.0.16 | |
| php | php | 3.0.17 | |
| php | php | 3.0.18 | |
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245C601D-0FE7-47E3-8304-6FF45E9567D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691BB8BB-329A-4640-B758-7590C99B5E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC4CCE-2774-463E-82EA-36CD442D3A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C478024C-2FCD-463F-A75E-E04660AA9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BD99C0-E875-496E-BE5E-A8DCBD414B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1851ADE5-C70C-46E0-941A-6ADF7DB5C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69DA3BA2-AF53-4C9D-93FA-0317841595B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67B59D6A-7EDA-4C34-81D6-C2557C85D164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBA40B6-8FDF-41AA-8166-F491FF7F3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E2B72-A428-4BB3-B6F8-0AF5E487A807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "945FF149-3446-4905-BCA1-C397E3497B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8E446DBD-FEFA-4D22-9C9D-51F61C01E414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8DE728-78E1-4F9F-BC56-CD9B10E61287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "80E31CC6-9356-4BB7-9F49-320AAF341E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB8AD3A-9181-459A-9AF2-B3FC6BAF6FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3E7199-8FB7-4930-9C0A-A36A698940B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "419867C6-37BE-43B4-BFE0-6325FEE3807D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "37896E87-95C2-4039-8362-BC03B1C56706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8667FBC6-04B6-40E5-93B3-6C22BEED4B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC6A6F47-5C7C-4F82-B23B-9C959C69B27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE1A4DA6-6181-43A8-B0D8-5A016C3E75FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6E36203C-1392-49BB-AE7E-49626963D673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2:*:dev:*:*:*:*:*",
"matchCriteriaId": "BBA861A2-F0CD-4DBB-B43A-4970EB114DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives."
}
],
"id": "CVE-2005-3392",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-01T12:47:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=303382"
},
{
"source": "cve@mitre.org",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
},
{
"source": "cve@mitre.org",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17371"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17510"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18054"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18198"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/19064"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22691"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/525"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20897"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.php.net/release_4_4_1.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/419504/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15413"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16907"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-062A.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/2254"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/0791"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4320"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22924"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-232-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=303382"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200511-08.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.php.net/release_4_4_1.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/419504/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-062A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/2254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4320"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-232-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "We do not consider these to be security issues:\nhttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169857#c1\n",
"lastModified": "2006-08-30T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-03-31 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| php | php | * | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.6.11 | |
| php | php | 5.6.12 | |
| php | php | 5.6.13 | |
| php | php | 5.6.14 | |
| php | php | 5.6.15 | |
| php | php | 5.6.16 | |
| php | php | 5.6.17 | |
| php | php | 5.6.18 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40347FFA-6649-4B77-A252-728945507D43",
"versionEndIncluding": "10.11.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2CD05C-85C1-41EA-87B3-5DF382481EDB",
"versionEndIncluding": "5.5.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE65D0D4-CB56-4946-AB44-2EF554602A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "725BBA4E-B3BA-4AFA-A284-E0CDE3EC8FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F7793408-66A2-4DE7-B5AA-E49E8A2EE043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "95840EC0-512D-468D-99B0-17E8CFDD6BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E1078D15-8073-4C04-82C2-3C8111E18B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2E5E0C-8DD7-4CF8-A7E7-28ED0FD8B0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6EE9E4-9D6E-4CCC-B116-6020DA6884BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in wddx.c in the WDDX extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en wddx.c en la extensi\u00f3n WDDX en PHP en versiones anteriores a 5.5.33 y 5.6.x en versiones anteriores a 5.6.19 permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) o posiblemente tener otro impacto no especificado desencadenando una llamada wddx_deserialize sobre datos XML que contienen un elemento var manipulado."
}
],
"id": "CVE-2016-3141",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-03-31T16:59:00.117",
"references": [
{
"source": "security@opentext.com",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=b1bd4119bcafab6f9a8f84d92cd65eec3afeface"
},
{
"source": "security@opentext.com",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
},
{
"source": "security@opentext.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html"
},
{
"source": "security@opentext.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html"
},
{
"source": "security@opentext.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html"
},
{
"source": "security@opentext.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html"
},
{
"source": "security@opentext.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "security@opentext.com",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"
},
{
"source": "security@opentext.com",
"url": "http://www.securityfocus.com/bid/84271"
},
{
"source": "security@opentext.com",
"url": "http://www.securitytracker.com/id/1035255"
},
{
"source": "security@opentext.com",
"url": "http://www.ubuntu.com/usn/USN-2952-1"
},
{
"source": "security@opentext.com",
"url": "http://www.ubuntu.com/usn/USN-2952-2"
},
{
"source": "security@opentext.com",
"url": "https://bugs.php.net/bug.php?id=71587"
},
{
"source": "security@opentext.com",
"url": "https://php.net/ChangeLog-5.php"
},
{
"source": "security@opentext.com",
"url": "https://support.apple.com/HT206567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=b1bd4119bcafab6f9a8f84d92cd65eec3afeface"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/84271"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2952-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2952-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.php.net/bug.php?id=71587"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT206567"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-05-27 22:30
Modified
2025-04-11 00:51
Severity ?
Summary
The (1) strip_tags, (2) setcookie, (3) strtok, (4) wordwrap, (5) str_word_count, and (6) str_pad functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) strip_tags, (2) setcookie, (3) strtok, (4) wordwrap, (5) str_word_count, and (6) str_pad functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature."
},
{
"lang": "es",
"value": "Las funciones (1) strip_tags, (2) setcookie, (3) strtok, (4) wordwrap, (5) str_word_count, y (6) str_pad functions en PHP v5.2 a la v5.2.13 y v5.3 a la v5.3.2, permiten a atacantes dependientes del contexto obtener informaci\u00f3n sensible (contenido de la memoria) provocando una interrupci\u00f3n de una funci\u00f3n externa. Relacionado con la llamada por referencia de la funcionalidad \"time pass\"."
}
],
"id": "CVE-2010-2101",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-05-27T22:30:02.170",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/26/mops-2010-041-php-strip_tags-interruption-information-leak-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/26/mops-2010-042-php-setcookie-interruption-information-leak-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/26/mops-2010-043-php-strtok-interruption-information-leak-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/26/mops-2010-044-php-wordwrap-interruption-information-leak-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/26/mops-2010-045-php-str_word_count-interruption-information-leak-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/26/mops-2010-046-php-str_pad-interruption-information-leak-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=133469208622507\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/26/mops-2010-041-php-strip_tags-interruption-information-leak-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/26/mops-2010-042-php-setcookie-interruption-information-leak-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/26/mops-2010-043-php-strtok-interruption-information-leak-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/26/mops-2010-044-php-wordwrap-interruption-information-leak-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/26/mops-2010-045-php-str_word_count-interruption-information-leak-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/26/mops-2010-046-php-str_pad-interruption-information-leak-vulnerability/index.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-08-01 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
php.cgi allows attackers to read any file on the system.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92647629-083F-4042-8365-4AD2EBC9C1BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF72E8D5-9F8C-4BD4-9AA4-28E23CB48A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*",
"matchCriteriaId": "83BE1120-6370-4470-8586-6581EDF3FD69",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "php.cgi allows attackers to read any file on the system."
}
],
"id": "CVE-1999-0238",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-08-01T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0238"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-30 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_sdl function in ext/soap/php_sdl.c.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| suse | linux_enterprise_server | 11.0 | |
| suse | linux_enterprise_server | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC39D70D-FA26-4EC1-9C4E-BD92043D8460",
"versionEndIncluding": "5.6.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "01E21741-9D7D-42DD-B70D-5FD3053DE780",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3:*:*:vmware:*:*:*",
"matchCriteriaId": "46F48448-E2DE-419B-A05E-BEE60B07E12C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_sdl function in ext/soap/php_sdl.c."
},
{
"lang": "es",
"value": "La configuraci\u00f3n por defecto soap.wsdl_cache_dir en (1) php.ini-production y (2) php.ini-development en PHP hasta 5.6.7 especifica el directorio /tmp, lo que facilita a usuarios locales realizar ataques de inyecci\u00f3n WSDL mediante la creaci\u00f3n de un fichero bajo /tmp con un nombre de fichero previsible que la funci\u00f3n get_sdl utiliza en ext/soap/php_sdl.c."
}
],
"id": "CVE-2013-6501",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-30T10:59:00.067",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/72530"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1009103"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/72530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1009103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201606-10"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-14 18:19
Modified
2025-04-09 00:30
Severity ?
Summary
The FDF support (ext/fdf) in PHP 5.2.0 and earlier does not implement the input filtering hooks for ext/filter, which allows remote attackers to bypass web site filters via an application/vnd.fdf formatted POST.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E3797AB5-9E49-4251-A212-B6E5D9996764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The FDF support (ext/fdf) in PHP 5.2.0 and earlier does not implement the input filtering hooks for ext/filter, which allows remote attackers to bypass web site filters via an application/vnd.fdf formatted POST."
},
{
"lang": "es",
"value": "El soporte FDF (ext/fdf) del PHP 5.2.0 y versiones anteriores no implementa enlaces para el filtrado de la entrada para el ext/filter, lo que permite a atacantes remotos evitar los filtros del sitio web mediante un POST application/vnd.fdf formateado."
}
],
"id": "CVE-2007-1452",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-14T18:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.php-security.org/MOPB/MOPB-17-2007.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/22906"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php-security.org/MOPB/MOPB-17-2007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22906"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. The filter extension was not shipped in versions of PHP \nprovided for Red Hat Enterprise Linux 2.1, 3, 4, 5, Stronghold 4.0, or\nRed Hat Application Stack 1.",
"lastModified": "2007-04-16T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-19 05:59
Modified
2025-04-12 10:46
Severity ?
Summary
Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP 7.x before 7.0.1 allows remote attackers to execute arbitrary code via format string specifiers in a string that is misused as a class name, leading to incorrect error handling.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP 7.x before 7.0.1 allows remote attackers to execute arbitrary code via format string specifiers in a string that is misused as a class name, leading to incorrect error handling."
},
{
"lang": "es",
"value": "Vulnerabilidad de formato de cadena en la funci\u00f3n zend_throw_or_error en Zend/zend_execute_API.c en PHP 7.x en versiones anteriores a 7.0.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de especificadores de formato de cadena en una cadena que se utiliza de forma incorrecta como nombre de una clase, conduciendo al manejo de errores incorrecto."
}
],
"id": "CVE-2015-8617",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-19T05:59:07.560",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1034543"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=71105"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/php/php-src/commit/b101a6bbd4f2181c360bd38e7683df4a03cba83e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034543"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=71105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/php/php-src/commit/b101a6bbd4f2181c360bd38e7683df4a03cba83e"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-11-20 18:46
Modified
2025-04-09 00:30
Severity ?
Summary
The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B6B1C7-B7B8-495E-9FE5-FF39718DC64E",
"versionEndIncluding": "5.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465."
},
{
"lang": "es",
"value": "Las funciones (1) htmlentities y (2) htmlspecialchars en PHP anterior a 5.2.5 acepta secuencias multibyte parciales, lo cual tiene un impacto desconocido y vectores de ataque, un asunto diferente que CVE-2006-5465."
}
],
"id": "CVE-2007-5898",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-11-20T18:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27648"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27659"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27864"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28249"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28658"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30040"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30828"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31119"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31124"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31200"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018934"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2008/dsa-1444"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:125"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:126"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:127"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/ChangeLog-5.php#5.2.5"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/releases/5_2_5.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0505.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0544.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0545.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0546.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0582.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-549-2"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-628-1"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-1943"
},
{
"source": "cve@mitre.org",
"url": "https://launchpad.net/bugs/173043"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10080"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/549-1/"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php#5.2.5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/releases/5_2_5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0544.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0545.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0546.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0582.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-549-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-628-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://launchpad.net/bugs/173043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/549-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "This issue was fixed in all affected PHP versions shipped in Red Hat products. For list of security advisories, visit: https://rhn.redhat.com/errata/CVE-2007-5898.html",
"lastModified": "2008-08-07T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-10-11 10:51
Modified
2025-04-11 00:51
Severity ?
Summary
Untrusted search path vulnerability in the installation functionality in PHP 5.3.17, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\PHP directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the PHP installation
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "EB212796-B71B-4F6B-9156-9C5178FF0931",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in the installation functionality in PHP 5.3.17, when installed in the top-level C:\\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\\PHP directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the \"IKE and AuthIP IPsec Keying Modules\" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the PHP installation"
},
{
"lang": "es",
"value": "** DISPUTADA** Vulnerabilidad de path de b\u00fasqueda no confiable en la funcionalidad de instalaci\u00f3n de PHP v5.3.17, cuando est\u00e1 instalada en el directorio C:\\, podr\u00eda permitir a usuarios locales obtener privilegios a trav\u00e9s de un fichero DLL troyanizado en el directorio \"C:\\PHP\", el cual puede ser a\u00f1adido a la variable de entorno PATH por un adminisitrador, como se demostr\u00f3 con el fichero wlbsctrl.dll troyanizado usado en el servicio de sistema \"IKE and AuthIP IPsec Keying Modules\" en Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, y Windows 8 Release Preview. NOTA: CVE disputa esta vulnerabilidad debida a un problema con PATH, que es un problema administrativo, y no es una parte por defecto de la instalaci\u00f3n de PHP."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html \u0027CWE-426 Untrusted Search Path\u0027\r\n\r\n",
"id": "CVE-2012-5381",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-10-11T10:51:57.547",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/86172"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.htbridge.com/advisory/HTB23108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/86172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.htbridge.com/advisory/HTB23108"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-24 17:59
Modified
2025-04-12 10:46
Severity ?
Summary
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| sqlite | sqlite | * | |
| debian | debian_linux | 8.0 | |
| apple | mac_os_x | * | |
| apple | watchos | * | |
| php | php | * | |
| php | php | * | |
| php | php | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E85F71C2-BD0B-4836-9592-FFAF0ED69A1A",
"versionEndIncluding": "3.8.8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A0EBC0-73C1-4640-90AD-4371D1C0D09F",
"versionEndIncluding": "10.6.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCBD0D8B-CD44-4B09-834F-F640546DFED4",
"versionEndIncluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B69A0C2-6E29-4FBF-9EB7-D85A68E5E4A3",
"versionEndExcluding": "5.4.42",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3573200F-9588-413E-90CB-E35C5A510D2C",
"versionEndExcluding": "5.5.26",
"versionStartIncluding": "5.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30282F13-6883-45C9-9202-045514951E80",
"versionEndExcluding": "5.6.10",
"versionStartIncluding": "5.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement."
},
{
"lang": "es",
"value": "La funci\u00f3n sqlite3VXPrintf en printf.c en SQLite anterior a 3.8.9 no maneja correctamente los valores de precisi\u00f3n y anchura durante las conversaciones de puntos flotantes (floating-point), lo que permite a atacantes dependientes de contexto causar una denegaci\u00f3n de servicio (desbordamiento de enteros y desbordamiento de buffer basado en pila) o posiblemente tener otro impacto no especificado a trav\u00e9s de enteros grandes en una llamada a la funci\u00f3n printf manipulada en una declaraci\u00f3n SELECT."
}
],
"id": "CVE-2015-3416",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-24T17:59:02.363",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1634.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1635.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://seclists.org/fulldisclosure/2015/Apr/31"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3252"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:217"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74228"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033703"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sqlite.org/src/info/c494171f77dc2e5e04cb6d865e688448f04e5920"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2698-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201507-05"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205213"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1634.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1635.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://seclists.org/fulldisclosure/2015/Apr/31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3252"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sqlite.org/src/info/c494171f77dc2e5e04cb6d865e688448f04e5920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2698-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201507-05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT205267"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-07 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10C889AC-EEC6-4BD3-9302-628FB7DEF0CF",
"versionEndExcluding": "5.5.37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "610F5BCE-2990-470F-8B54-FD3AC222B70B",
"versionEndExcluding": "5.6.23",
"versionStartIncluding": "5.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3325587F-EF6F-46ED-B3D6-A7DE522AF10F",
"versionEndExcluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n SplFileObject::fread en spl_directory.c en la extensi\u00f3n SPL en PHP en versiones anteriores a 5.5.37 y 5.6.x en versiones anteriores 5.6.23 permite a atacantes remotos provocar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado a trav\u00e9s de un argumento de entero grande, un problema relacionado con CVE-2016-5096."
}
],
"id": "CVE-2016-5770",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-07T10:59:18.150",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://github.com/php/php-src/commit/7245bff300d3fa8bacbef7897ff080a6f1c23eba?w=1"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3618"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91403"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=72262"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT207170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://github.com/php/php-src/commit/7245bff300d3fa8bacbef7897ff080a6f1c23eba?w=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=72262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT207170"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-09-01 13:29
Modified
2025-04-20 01:37
Severity ?
Summary
The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypass authentication by leveraging missing character conversions before an XOR operation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| simplesamlphp | simplesamlphp | * | |
| php | php | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:simplesamlphp:simplesamlphp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA1268D7-6B0D-4BE5-9916-BE2860E66710",
"versionEndIncluding": "1.14.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44B09073-783B-4ADE-A5B8-DA6F93DBA46F",
"versionEndIncluding": "5.5.38",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypass authentication by leveraging missing character conversions before an XOR operation."
},
{
"lang": "es",
"value": "El m\u00e9todo secureCompare en lib/SimpleSAML/Utils/Crypto.php en SimpleSAMLphp 1.14.13 y anteriores, al usarse con PHP en versiones anteriores a la 5.6, permite que los atacantes lleven a cabo ataques de fijaci\u00f3n de sesi\u00f3n o que, posiblemente, omitan la autenticaci\u00f3n aprovechando las conversiones de caracteres que faltan antes de una operaci\u00f3n XOR."
}
],
"id": "CVE-2017-12868",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-01T13:29:00.240",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/simplesamlphp/simplesamlphp/commit/4bc629658e7b7d17c9ac3fe0da7dc5df71f1b85e"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00007.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00017.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://simplesamlphp.org/security/201705-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/simplesamlphp/simplesamlphp/commit/4bc629658e7b7d17c9ac3fe0da7dc5df71f1b85e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://simplesamlphp.org/security/201705-01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-384"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-06 20:19
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C84850F4-17C8-4525-8C7A-1C1E8454753B",
"versionEndIncluding": "4.4.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in PHP 4.4.4 and earlier allows remote context-dependent attackers to execute arbitrary code via a long string to the unserialize function, which triggers the overflow in the ZVAL reference counter."
},
{
"lang": "es",
"value": "Desbordamiento de entero en PHP 4.4.4 y anteriores permiten a atacantes dependientes de contexto ejecutar c\u00f3digo de su elecci\u00f3n mediante el paso de una cadena larga a la funci\u00f3n unserialize, lo cual provoca el desbordamiento en el contador de referencias ZVAL."
}
],
"id": "CVE-2007-1286",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-06T20:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24419"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24606"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24910"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24924"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24941"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24945"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25025"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25062"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25423"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25445"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25850"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/32771"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.php-security.org/MOPB/MOPB-04-2007.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/22765"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2007/0009/"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32796"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/32771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.php-security.org/MOPB/MOPB-04-2007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2007/0009/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32796"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11575"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-09 19:15
Modified
2024-11-21 09:47
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, the fix for CVE-2024-1874 does not work if the command name includes trailing spaces. Original issue: when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DC2EEF8-834B-42A1-8DA3-0C2CF22A7070",
"versionEndExcluding": "8.1.29",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A39988FF-D854-4277-9D66-6911AF371DD3",
"versionEndExcluding": "8.2.20",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F579FFC1-4F81-4755-B14B-3AA73AC9FF7A",
"versionEndExcluding": "8.3.8",
"versionStartIncluding": "8.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
"matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP versions\u00a08.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, the fix for\u00a0CVE-2024-1874 does not work if the command name includes trailing spaces. Original issue:\u00a0when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands in Windows shell."
},
{
"lang": "es",
"value": "En las versiones de PHP 8.1.* anteriores a 8.1.29, 8.2.* anteriores a 8.2.20, 8.3.* anteriores a 8.3.8, la soluci\u00f3n para CVE-2024-1874 no funciona si el nombre del comando incluye espacios finales. Problema original: cuando se utiliza el comando proc_open() con sintaxis de matriz, debido a un escape insuficiente, si los argumentos del comando ejecutado est\u00e1n controlados por un usuario malintencionado, el usuario puede proporcionar argumentos que ejecutar\u00edan comandos arbitrarios en el shell de Windows."
}
],
"id": "CVE-2024-5585",
"lastModified": "2024-11-21T09:47:58.357",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.5,
"source": "security@php.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-09T19:15:52.597",
"references": [
{
"source": "security@php.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2024/06/07/1"
},
{
"source": "security@php.net",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/security/advisories/GHSA-9fcc-425m-g385"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"
},
{
"source": "security@php.net",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"
},
{
"source": "security@php.net",
"url": "https://security.netapp.com/advisory/ntap-20240726-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2024/06/07/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/security/advisories/GHSA-9fcc-425m-g385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20240726-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.vicarius.io/vsociety/posts/command-injection-vulnerability-in-php-on-windows-systems-cve-2024-1874-and-cve-2024-5585"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
},
{
"lang": "en",
"value": "CWE-116"
}
],
"source": "security@php.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-116"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-09 00:19
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| debian | debian_linux | 3.1 | |
| debian | debian_linux | 4.0 | |
| canonical | ubuntu_linux | 6.06 | |
| canonical | ubuntu_linux | 6.10 | |
| canonical | ubuntu_linux | 7.04 | |
| redhat | enterprise_linux_server | 5.0 | |
| redhat | enterprise_linux_workstation | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D380D959-83D6-4F89-B018-F2950BEFE4E9",
"versionEndExcluding": "4.4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0B9F97-7F6C-4165-83B4-80FDBBF88D0C",
"versionEndIncluding": "5.1.6",
"versionStartIncluding": "5.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9A50D6-69E3-45D0-9FE3-E3969A962D99",
"versionEndExcluding": "5.2.2",
"versionStartIncluding": "5.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
"matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
"matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la librer\u00eda libxmlrpc incluida en PHP anterior a 4.4.7, y 5.x anterior a 5.2.2, tiene impacto y vectores de ataque remotos desconocidos."
}
],
"id": "CVE-2007-1864",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-09T00:19:00.000",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/34674"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25187"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25191"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25255"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25445"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25660"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25938"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25945"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26048"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26102"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27377"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-231.htm"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1330"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1331"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:102"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:103"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0349.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0355.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/23813"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1018024"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "http://www.trustix.org/errata/2007/0017/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-485-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2187"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://issues.rpath.com/browse/RPL-1693"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11257"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2007-0348.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/34674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/25945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/27377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-231.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1330"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2007/dsa-1331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0349.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0355.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/23813"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1018024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.trustix.org/errata/2007/0017/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-485-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://issues.rpath.com/browse/RPL-1693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2007-0348.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-05-12 11:46
Modified
2025-04-11 00:51
Severity ?
Summary
Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (PHP crash) via a crafted first argument to the fnmatch function, as demonstrated using a long string.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (PHP crash) via a crafted first argument to the fnmatch function, as demonstrated using a long string."
},
{
"lang": "es",
"value": "Una vulnerabilidad de consumo de pila en PHP v5.2 a v5.2.13 y v5.3 a trav\u00e9s de v5.3.2 permite provocar, a determinados atacantes, seg\u00fan el contexto, una denegaci\u00f3n de servicio (fallo de PHP) a trav\u00e9s de un argumento modificado a la funci\u00f3n fnmatch, como se demuestra mediante una cadena larga en ese argumento."
}
],
"id": "CVE-2010-1917",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-05-12T11:46:40.347",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/40860"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/42410"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2010/dsa-2089"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.php-security.org/2010/05/11/mops-2010-021-php-fnmatch-stack-exhaustion-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0919.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/3081"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=130331363227777\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/40860"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42410"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.php-security.org/2010/05/11/mops-2010-021-php-fnmatch-stack-exhaustion-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0919.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/3081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58585"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-28 04:37
Modified
2025-04-11 00:51
Severity ?
Summary
The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| apple | mac_os_x | * | |
| opensuse | opensuse | 11.4 | |
| opensuse | opensuse | 12.2 | |
| opensuse | opensuse | 12.3 | |
| opensuse | opensuse | 13.1 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 12.10 | |
| canonical | ubuntu_linux | 13.04 | |
| canonical | ubuntu_linux | 13.10 | |
| debian | debian_linux | 6.0 | |
| debian | debian_linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "388E0CDF-737F-437E-B4D9-1001E0651387",
"versionEndExcluding": "5.3.29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A12AD15-F9C9-449C-8CD5-92AFAAA128C8",
"versionEndExcluding": "5.4.24",
"versionStartIncluding": "5.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA49E4BC-380E-4E10-8BB2-C55263AF3929",
"versionEndExcluding": "5.5.8",
"versionStartIncluding": "5.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "045D7827-3EB8-43A1-AC80-9C94C395D364",
"versionEndIncluding": "10.10.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification."
},
{
"lang": "es",
"value": "La funci\u00f3n de an\u00e1lisis en ext/date/lib/parse_iso_intervals.c de PHP hasta la versi\u00f3n 5.5.6 no restringe adecuadamente la creaci\u00f3n de objetos DateInterval, lo que podr\u00eda permitir a atacantes remotos provocar una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer basado en memoria din\u00e1mica) a trav\u00e9s de una especificaci\u00f3n de intervalo manipulada."
}
],
"id": "CVE-2013-6712",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-28T04:37:39.840",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=12fe4e90be7bfa2a763197079f68f5568a14e071"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00126.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2013/dsa-2816"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2055-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=66060"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04463322"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04463322"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT204659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=12fe4e90be7bfa2a763197079f68f5568a14e071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00126.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1765.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2013/dsa-2816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2055-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=66060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04463322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04463322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT204659"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-05-24 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oniguruma_project:oniguruma:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71A9EC32-B30C-40DF-9937-654BC977DCC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86CB20B2-9B73-47BA-B1B9-767961453F73",
"versionEndExcluding": "5.6.31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE3BCB8-C2C7-4E44-A4D2-AA1DAE9555DB",
"versionEndExcluding": "7.0.21",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5799FA9F-8C0B-4B86-9D2C-558DFF64AA6C",
"versionEndExcluding": "7.1.7",
"versionStartIncluding": "7.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of \u0027\\700\u0027 would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption."
},
{
"lang": "es",
"value": "Un problema fue encontrado en Oniguruma versi\u00f3n 6.2.0, tal y como es usado en Oniguruma-mod en Ruby hasta la versi\u00f3n 2.4.1 y mbstring en PHP hasta la versi\u00f3n 7.1.5. Un vulnerabilidad de lectura o escritura fuera de l\u00edmites de la pila ocurre en la funci\u00f3n next_state_val() durante la compilaci\u00f3n de expresi\u00f3n regular. Los n\u00fameros octales mayores que 0xff no se manejan apropiadamente en fetch_token() y fetch_token_in_cc(). Una expresi\u00f3n regular malformada que contenga un n\u00famero octal en forma de \u201c\\700\u201d producir\u00eda un valor de punto de c\u00f3digo no v\u00e1lido mayor que 0xff en next_state_val(), lo que dar\u00eda como resultado una corrupci\u00f3n de memoria de escritura fuera de l\u00edmites."
}
],
"id": "CVE-2017-9226",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-24T15:29:00.277",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101244"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/kkos/oniguruma/commit/b4bf968ad52afe14e60a2dc8a95d3555c543353a"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/kkos/oniguruma/commit/f015fbdd95f76438cd86366467bb2b39870dd7c6"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/kkos/oniguruma/issues/55"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/kkos/oniguruma/commit/b4bf968ad52afe14e60a2dc8a95d3555c543353a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/kkos/oniguruma/commit/f015fbdd95f76438cd86366467bb2b39870dd7c6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/kkos/oniguruma/issues/55"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-08-31 21:04
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la funci\u00f3n LWZReadByte_ en ext/gd/libgd/gd_gif_in.c en la extensi\u00f3n GD en PHP anterior a 5.1.5 permite a atacantes remotos tener un impacto desconocido mediante un fichero GIF con input_code_size mayor que MAX_LWZ_BITS, lo cual dispara un desbordamiento al inicializar el array tabla."
}
],
"id": "CVE-2006-4484",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-08-31T21:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://bugs.php.net/bug.php?id=38112"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd_gif_in.c?r1=1.10\u0026r2=1.11"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd_gif_in.c?view=log"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0688.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21546"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21768"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21842"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22039"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22069"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22225"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22440"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22487"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22538"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28768"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28838"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28845"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28866"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28959"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29157"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29242"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29546"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30717"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016984"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-222.htm"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-223.htm"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0046"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0046"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:162"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:038"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:077"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2006_52_php.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/ChangeLog-5.php#5.1.5"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.php.net/release_5_1_5.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0146.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/447866/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/487683/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/488008/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/19582"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-342-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/3318"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431568"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-2218"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-683"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9004"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00502.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://bugs.php.net/bug.php?id=38112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd_gif_in.c?r1=1.10\u0026r2=1.11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd_gif_in.c?view=log"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0688.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22538"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-222.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-223.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_52_php.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php#5.1.5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.php.net/release_5_1_5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0146.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447866/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/487683/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/488008/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/19582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-342-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/3318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=431568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-2218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00502.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-09 00:29
Modified
2024-11-21 04:52
Severity ?
Summary
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 18.10 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| opensuse | leap | 15.0 | |
| opensuse | leap | 15.1 | |
| opensuse | leap | 42.3 | |
| netapp | storage_automation_store | - | |
| redhat | software_collections | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52A956E6-4AA6-486B-A616-35821A907ACB",
"versionEndExcluding": "7.1.27",
"versionStartIncluding": "7.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA39564-43E1-44BF-9832-61AC7273043F",
"versionEndExcluding": "7.2.16",
"versionStartIncluding": "7.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF2995F-AC70-4D4A-ACAA-1C13E654F195",
"versionEndExcluding": "7.3.3",
"versionStartIncluding": "7.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
"matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7A6697-98CC-4E36-93DB-B7160F8399F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7EE4B6-A6EC-4B9B-91DF-79615796673F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn."
},
{
"lang": "es",
"value": "Se ha detectado un fallo en el componente EXIF en PHP, en versiones anteriores a la 7.1.27, en las 7.2.x anteriores a la 7.2.16 y en las 7.3.x anteriores a la 7.3.3. Hay una lectura inv\u00e1lida en exif_process_SOFn."
}
],
"id": "CVE-2019-9640",
"lastModified": "2024-11-21T04:52:01.970",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-09T00:29:00.647",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3299"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=77540"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190502-0007/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3922-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3922-2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3922-3/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=77540"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190502-0007/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3922-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3922-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3922-3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4403"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-02 06:59
Modified
2025-04-20 01:37
Severity ?
Summary
An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/mod_php or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validate_permission=1 setting. The vulnerability details are as follows. In PHP SAPIs where PHP interpreters share a common parent process, Zend OpCache creates a shared memory object owned by the common parent during initialization. Child PHP processes inherit the SHM descriptor, using it to cache and retrieve compiled script bytecode ("opcode" in PHP jargon). Cache keys vary depending on configuration, but filename is a central key component, and compiled opcode can generally be run if a script's filename is known or can be guessed. Many common shared-hosting configurations change EUID in child processes to enforce privilege separation among hosted users (for example using mod_ruid2 for the Apache HTTP Server, or php-fpm user settings). In these scenarios, the default Zend OpCache behavior defeats script file permissions by sharing a single SHM cache among all child PHP processes. PHP scripts often contain sensitive information: Think of CMS configurations where reading or running another user's script usually means gaining privileges to the CMS database.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B8F76E6-7BD5-4532-B99E-25CE01A739B7",
"versionEndIncluding": "5.6.29",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CEBCBE0-832F-4164-BAA8-63ACC07AF862",
"versionEndExcluding": "7.0.14",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/mod_php or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validate_permission=1 setting. The vulnerability details are as follows. In PHP SAPIs where PHP interpreters share a common parent process, Zend OpCache creates a shared memory object owned by the common parent during initialization. Child PHP processes inherit the SHM descriptor, using it to cache and retrieve compiled script bytecode (\"opcode\" in PHP jargon). Cache keys vary depending on configuration, but filename is a central key component, and compiled opcode can generally be run if a script\u0027s filename is known or can be guessed. Many common shared-hosting configurations change EUID in child processes to enforce privilege separation among hosted users (for example using mod_ruid2 for the Apache HTTP Server, or php-fpm user settings). In these scenarios, the default Zend OpCache behavior defeats script file permissions by sharing a single SHM cache among all child PHP processes. PHP scripts often contain sensitive information: Think of CMS configurations where reading or running another user\u0027s script usually means gaining privileges to the CMS database."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en PHP 5.x y 7.x, cuando la configuraci\u00f3n utiliza apache2handler/mod_php o php-fpm con OpCache habilitado. Con 5.x despu\u00e9s de la versi\u00f3n 5.6.28 o 7.x despu\u00e9s de la versi\u00f3n 7.0.13, el problema se resuelve en una configuraci\u00f3n no predeterminada con el ajuste opcache.validate_permission=1. Los detalles de la vulnerabilidad son los siguientes. En PHP SAPIs donde los int\u00e9rpretes PHP comparten un proceso padre com\u00fan, Zend OpCache crea un objeto de memoria compartido propiedad del padre com\u00fan durante la inicializaci\u00f3n. Los procesos Child PHP heredan el descriptor SHM, us\u00e1ndolo para almacenar en cach\u00e9 y recuperar la secuencia de comandos de bytecode (\"opcode\" en jerga PHP ). Las claves de cach\u00e9 var\u00edan dependiendo de la configuraci\u00f3n, pero el nombre del archivo es un componente clave central y el c\u00f3digo de operaci\u00f3n compilado puede ejecutarse generalmente si un nombre de archivo de la secuencia de comandos es conocido o puede ser adivinado. Muchas configuraciones comunes de alojamiento compartido cambian el EUID en los procesos hijo para forzar la separaci\u00f3n de privilegios entre los usuarios invitados (por ejemplo usando mod_ruid2 para el servidor HTTP de Apache o la configuraci\u00f3n de usuario php-fpm). En estos escenarios, el comportamiento predeterminado de Zend OpCache invalida los permisos del archivo de secuencia de comandos compartiendo una sola cach\u00e9 SHM entre todos los procesos hijo PHP. Las secuencias de comandos PHP a menudo contiene informaci\u00f3n sensible: las configuraciones de Think of CMS donde leen o ejecutan las secuencias de comandos de otros usuarios generalmente significa obtener privilegios de la base de datos CMS."
}
],
"id": "CVE-2015-8994",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-02T06:59:00.167",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=php-internals\u0026m=147876797317925\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=php-internals\u0026m=147921016724565\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://openwall.com/lists/oss-security/2017/02/28/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2016/q4/343"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2017/q1/520"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugs.php.net/bug.php?id=69090"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://ma.ttias.be/a-better-way-to-run-php-fpm/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=php-internals\u0026m=147876797317925\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=php-internals\u0026m=147921016724565\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://openwall.com/lists/oss-security/2017/02/28/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2016/q4/343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/oss-sec/2017/q1/520"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugs.php.net/bug.php?id=69090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
],
"url": "https://ma.ttias.be/a-better-way-to-run-php-fpm/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-20 02:00
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 1.0 | |
| php | php | 2.0 | |
| php | php | 2.0b10 | |
| php | php | 3.0 | |
| php | php | 3.0.1 | |
| php | php | 3.0.2 | |
| php | php | 3.0.3 | |
| php | php | 3.0.4 | |
| php | php | 3.0.5 | |
| php | php | 3.0.6 | |
| php | php | 3.0.7 | |
| php | php | 3.0.8 | |
| php | php | 3.0.9 | |
| php | php | 3.0.10 | |
| php | php | 3.0.11 | |
| php | php | 3.0.12 | |
| php | php | 3.0.13 | |
| php | php | 3.0.14 | |
| php | php | 3.0.15 | |
| php | php | 3.0.16 | |
| php | php | 3.0.17 | |
| php | php | 3.0.18 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 4.4.5 | |
| php | php | 4.4.6 | |
| php | php | 4.4.7 | |
| php | php | 4.4.8 | |
| php | php | 4.4.9 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 | |
| php | php | 5.2.2 | |
| php | php | 5.2.3 | |
| php | php | 5.2.4 | |
| php | php | 5.2.4 | |
| php | php | 5.2.5 | |
| php | php | 5.2.6 | |
| php | php | 5.2.7 | |
| php | php | 5.2.8 | |
| php | php | 5.2.9 | |
| php | php | 5.2.10 | |
| php | php | 5.2.11 | |
| php | php | 5.2.12 | |
| php | php | 5.2.13 | |
| php | php | 5.2.14 | |
| php | php | 5.2.15 | |
| php | php | 5.2.16 | |
| php | php | 5.2.17 | |
| php | php | 5.3.0 | |
| php | php | 5.3.1 | |
| php | php | 5.3.2 | |
| php | php | 5.3.3 | |
| php | php | 5.3.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "675ACEA8-3364-4ABD-BDE0-621310435AEC",
"versionEndIncluding": "5.3.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92647629-083F-4042-8365-4AD2EBC9C1BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF72E8D5-9F8C-4BD4-9AA4-28E23CB48A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*",
"matchCriteriaId": "83BE1120-6370-4470-8586-6581EDF3FD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245C601D-0FE7-47E3-8304-6FF45E9567D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691BB8BB-329A-4640-B758-7590C99B5E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC4CCE-2774-463E-82EA-36CD442D3A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C478024C-2FCD-463F-A75E-E04660AA9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BD99C0-E875-496E-BE5E-A8DCBD414B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1851ADE5-C70C-46E0-941A-6ADF7DB5C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69DA3BA2-AF53-4C9D-93FA-0317841595B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67B59D6A-7EDA-4C34-81D6-C2557C85D164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBA40B6-8FDF-41AA-8166-F491FF7F3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E2B72-A428-4BB3-B6F8-0AF5E487A807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "945FF149-3446-4905-BCA1-C397E3497B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8E446DBD-FEFA-4D22-9C9D-51F61C01E414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8DE728-78E1-4F9F-BC56-CD9B10E61287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "80E31CC6-9356-4BB7-9F49-320AAF341E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB8AD3A-9181-459A-9AF2-B3FC6BAF6FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3E7199-8FB7-4930-9C0A-A36A698940B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2AF1D9-33B6-4B2C-9269-426B6B720164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84B70263-37AA-4539-A286-12038A3792C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E46E4B4-808C-4B47-81D9-EC2B02A5E57B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF30D7F-353B-4496-9A89-4EF2BB279E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DD97DF34-35AB-4979-96E2-B23DC8556A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:windows:*:*:*:*:*",
"matchCriteriaId": "F526115E-A68E-4B10-AA6A-9CD26CB81AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "95D48A71-B84E-4B6C-9603-B3373052E568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CAAB7D55-F155-43F9-A563-F2E35CFFEF26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "72243A3F-6BFD-472B-9EA4-82BE4253ED27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "E415CC22-09CA-47D2-9F1A-0BCA8960835B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F40E4A-E125-4099-A8B3-D42614AA9312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4933D9DD-A630-4A3D-9D13-9E182F5F6F8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function."
},
{
"lang": "es",
"value": "M\u00faltiples fugas de memoria en la extensi\u00f3n OpenSSL de PHP anteriores a v5.3.6 podr\u00eda permitir a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de (1) datos en texto plano sobre la funci\u00f3n openssl_encrypt o (2) Los datos de texto cifrado a la funci\u00f3n openssl_decrypt."
}
],
"id": "CVE-2011-1468",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-20T02:00:04.597",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://bugs.php.net/bug.php?id=54060"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://bugs.php.net/bug.php?id=54061"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT5002"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1423.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/46977"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2011/0744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://bugs.php.net/bug.php?id=54060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://bugs.php.net/bug.php?id=54061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1423.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0744"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-09-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3E7199-8FB7-4930-9C0A-A36A698940B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "419867C6-37BE-43B4-BFE0-6325FEE3807D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "37896E87-95C2-4039-8362-BC03B1C56706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8667FBC6-04B6-40E5-93B3-6C22BEED4B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a \"spam proxy.\""
}
],
"id": "CVE-2002-0986",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-09-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000545"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103011916928204\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105760591228031\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2002/dsa-168"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/410609"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2002_036_modphp4.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/2160"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-213.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-214.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-159.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5562"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103011916928204\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105760591228031\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2002/dsa-168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/410609"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2002_036_modphp4.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/2160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-213.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-214.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-243.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-244.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-248.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-159.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9959"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-14 00:17
Modified
2025-04-09 00:30
Severity ?
Summary
The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B6B1C7-B7B8-495E-9FE5-FF39718DC64E",
"versionEndIncluding": "5.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerability."
},
{
"lang": "es",
"value": "La funci\u00f3n dl en PHP 5.2.4 y versiones anteriores permite a atacantes locales o remotos dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) mediante una cadena larga en el par\u00e1metro library.\r\nNOTA. Existen escenarios de uso limitado bajo los cuales esto ser\u00eda una vulnerabilidad."
}
],
"id": "CVE-2007-4887",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-14T00:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27102"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27659"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28750"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29420"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30040"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3133"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/ChangeLog-5.php#5.2.5"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/releases/5_2_5.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/478985/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/478988/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26403"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3825"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0398"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-1943"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5767"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php#5.2.5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/releases/5_2_5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/478985/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/478988/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5767"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Because the argument passed to the dl() function are always under the control of the author, Mandriva does not consider this a security issue.",
"lastModified": "2007-09-18T00:00:00",
"organization": "Mandriva"
},
{
"comment": "The argument passed to the dl() function must always be under the control of the script author. We therefore do not consider this to be a security issue.\n",
"lastModified": "2007-09-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-13 21:15
Modified
2024-11-21 01:21
Severity ?
Summary
PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/cve-2010-4657 | Third Party Advisory | |
| secalert@redhat.com | https://bugs.launchpad.net/php/%2Bbug/655442 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4657 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://security-tracker.debian.org/tracker/CVE-2010-4657 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2010-4657 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/php/%2Bbug/655442 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4657 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2010-4657 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| redhat | enterprise_linux | 5.0 | |
| redhat | enterprise_linux | 6.0 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AAEA909D-6F0B-4DC2-996F-AD843B00F615",
"versionEndExcluding": "5.4.4",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output."
},
{
"lang": "es",
"value": "PHP5 versiones anteriores a la versi\u00f3n 5.4.4, permite pasar cadenas utf-8 no v\u00e1lidas por medio de la funci\u00f3n xmlTextWriterWriteAttribute, que libxml2 analiza incorrectamente. Esto resulta en una p\u00e9rdida de memoria en la salida resultante."
}
],
"id": "CVE-2010-4657",
"lastModified": "2024-11-21T01:21:27.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-13T21:15:11.243",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2010-4657"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/php/%2Bbug/655442"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4657"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2010-4657"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2010-4657"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.launchpad.net/php/%2Bbug/655442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4657"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2010-4657"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-772"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-08-31 21:04
Modified
2025-04-03 01:03
Severity ?
Summary
The cURL extension files (1) ext/curl/interface.c and (2) ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPT_FOLLOWLOCATION option when open_basedir or safe_mode is enabled, which allows attackers to perform unauthorized actions, possibly related to the realpath cache.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A48AD4D-30B8-4263-85CB-BEDB618524FB",
"versionEndExcluding": "5.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The cURL extension files (1) ext/curl/interface.c and (2) ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPT_FOLLOWLOCATION option when open_basedir or safe_mode is enabled, which allows attackers to perform unauthorized actions, possibly related to the realpath cache."
},
{
"lang": "es",
"value": "Los ficheros con extensi\u00f3n cURL (1) ext/curl/interface.c y(2) ext/curl/streams.c en PHP anterior a 5.1.5 permite la opci\u00f3n CURLOPT_FOLLOWLOCATION cuando open_basedir o safe_mode est\u00e1 habilitado, lo cual permite a un atacante realizar acciones no autorizadas, posiblemente relacionado con la cach\u00e9 realpath."
}
],
"id": "CVE-2006-4483",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-08-31T21:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch"
],
"url": "http://cvs.php.net/viewcvs.cgi/php-src/ext/curl/interface.c?r1=1.62.2.14.2.6\u0026r2=1.62.2.14.2.7"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch"
],
"url": "http://cvs.php.net/viewcvs.cgi/php-src/ext/curl/interface.c?view=log"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch"
],
"url": "http://cvs.php.net/viewvc.cgi/php-src/ext/curl/streams.c?r1=1.14.2.2.2.3\u0026r2=1.14.2.2.2.4"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21546"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/22039"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/30411"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1016984"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2006_52_php.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.php.net/ChangeLog-5.php#5.1.5"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.php.net/release_5_1_5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/492671/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/19582"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch"
],
"url": "http://cvs.php.net/viewcvs.cgi/php-src/ext/curl/interface.c?r1=1.62.2.14.2.6\u0026r2=1.62.2.14.2.7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch"
],
"url": "http://cvs.php.net/viewcvs.cgi/php-src/ext/curl/interface.c?view=log"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch"
],
"url": "http://cvs.php.net/viewvc.cgi/php-src/ext/curl/streams.c?r1=1.14.2.2.2.3\u0026r2=1.14.2.2.2.4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/22039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/30411"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1016984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.novell.com/linux/security/advisories/2006_52_php.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.php.net/ChangeLog-5.php#5.1.5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.php.net/release_5_1_5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/492671/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/19582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/3318"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-08-31 21:04
Modified
2025-04-03 01:03
Severity ?
Summary
Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memory_limit restriction.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memory_limit restriction."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en rutinas de asignaci\u00f3n de memoria en PHP anterior a 5.1.6, cuando se ejecuta en sistemas de 64 bits, permite a atacantes dependientes de contexto evitar la restricci\u00f3n memory_limit."
}
],
"id": "CVE-2006-4486",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-08-31T21:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0688.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21546"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22004"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22069"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22225"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22331"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22440"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22487"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22538"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25945"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016984"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-221.htm"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-222.htm"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-223.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2007/dsa-1331"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.hardened-php.net/hphp/changelog.html#hardening_patch_0.4.14"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2006_52_php.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/ChangeLog-5.php#5.1.6"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.php.net/release_5_1_6.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0669.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0682.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/447866/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/19582"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-362-1"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-683"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11086"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0688.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22069"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22538"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-221.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-222.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-223.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.hardened-php.net/hphp/changelog.html#hardening_patch_0.4.14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_52_php.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php#5.1.6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.php.net/release_5_1_6.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0669.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0682.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447866/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/19582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-362-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11086"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-28 00:19
Modified
2025-04-09 00:30
Severity ?
Summary
CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a "\r\n\t\n" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 4.4.5 | |
| php | php | 4.4.6 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8212495A-0F2A-4787-93F2-F6618F9A777B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "C6F0F8FC-C57A-4AEA-A59F-41140347318A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "419867C6-37BE-43B4-BFE0-6325FEE3807D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "37896E87-95C2-4039-8362-BC03B1C56706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8667FBC6-04B6-40E5-93B3-6C22BEED4B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:patch1:*:*:*:*:*:*",
"matchCriteriaId": "9B8B3138-3DCC-4682-B9A8-920E1110700D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC6A6F47-5C7C-4F82-B23B-9C959C69B27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE1A4DA6-6181-43A8-B0D8-5A016C3E75FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6E36203C-1392-49BB-AE7E-49626963D673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2:*:dev:*:*:*:*:*",
"matchCriteriaId": "BBA861A2-F0CD-4DBB-B43A-4970EB114DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2AF1D9-33B6-4B2C-9269-426B6B720164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84B70263-37AA-4539-A286-12038A3792C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E3797AB5-9E49-4251-A212-B6E5D9996764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a \"\\r\\n\\t\\n\" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n de retorno de carro y salto de l\u00ednea (CRLF) en PHP 4.0.0 hasta 4.4.6 y 5.0.0 hasta 5.2.1 permite a atacantes remotos inyectar cabeceras de correo electr\u00f3nico de su elecci\u00f3n y posiblemente llevar a cabo ataques de spam mediante un car\u00e1cter de control en los par\u00e1metros (1) Subject o (2) To, como ha sido demostrado por un par\u00e1metro que contiene la secuencia \"\\r\\n\\t\\n\", relacionado con un fallo incremental en la macro SKIP_LONG_HEADER_SEP."
}
],
"id": "CVE-2007-1718",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-28T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24909"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24924"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24965"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25025"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25056"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25057"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25062"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25445"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"source": "cve@mitre.org",
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.php-security.org/MOPB/MOPB-34-2007.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23145"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017946"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33516"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24965"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.php-security.org/MOPB/MOPB-34-2007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10951"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-21 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 1.0 | |
| php | php | 2.0 | |
| php | php | 2.0b10 | |
| php | php | 3.0 | |
| php | php | 3.0.1 | |
| php | php | 3.0.2 | |
| php | php | 3.0.3 | |
| php | php | 3.0.4 | |
| php | php | 3.0.5 | |
| php | php | 3.0.6 | |
| php | php | 3.0.7 | |
| php | php | 3.0.8 | |
| php | php | 3.0.9 | |
| php | php | 3.0.10 | |
| php | php | 3.0.11 | |
| php | php | 3.0.12 | |
| php | php | 3.0.13 | |
| php | php | 3.0.14 | |
| php | php | 3.0.15 | |
| php | php | 3.0.16 | |
| php | php | 3.0.17 | |
| php | php | 3.0.18 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 4.4.5 | |
| php | php | 4.4.6 | |
| php | php | 4.4.7 | |
| php | php | 4.4.8 | |
| php | php | 4.4.9 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 | |
| php | php | 5.2.2 | |
| php | php | 5.2.3 | |
| php | php | 5.2.4 | |
| php | php | 5.2.5 | |
| php | php | 5.2.6 | |
| php | php | 5.2.7 | |
| php | php | 5.2.8 | |
| php | php | 5.2.9 | |
| php | php | 5.2.10 | |
| php | php | 5.2.11 | |
| php | php | 5.2.12 | |
| php | php | 5.2.13 | |
| php | php | 5.2.14 | |
| php | php | 5.2.15 | |
| php | php | 5.2.16 | |
| php | php | 5.2.17 | |
| php | php | 5.3.0 | |
| php | php | 5.3.1 | |
| php | php | 5.3.2 | |
| php | php | 5.3.3 | |
| php | php | 5.3.4 | |
| php | php | 5.3.5 | |
| php | php | 5.3.6 | |
| php | php | 5.3.7 | |
| php | php | 5.3.8 | |
| php | php | 5.3.9 | |
| php | php | 5.4.0 | |
| php | php | 5.4.1 | |
| php | php | 5.4.2 | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6382DD0-A236-4506-A587-5C12B2C6480C",
"versionEndIncluding": "5.4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92647629-083F-4042-8365-4AD2EBC9C1BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF72E8D5-9F8C-4BD4-9AA4-28E23CB48A47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:2.0b10:*:*:*:*:*:*:*",
"matchCriteriaId": "83BE1120-6370-4470-8586-6581EDF3FD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "245C601D-0FE7-47E3-8304-6FF45E9567D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691BB8BB-329A-4640-B758-7590C99B5E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC4CCE-2774-463E-82EA-36CD442D3A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C478024C-2FCD-463F-A75E-E04660AA9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BD99C0-E875-496E-BE5E-A8DCBD414B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1851ADE5-C70C-46E0-941A-6ADF7DB5C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69DA3BA2-AF53-4C9D-93FA-0317841595B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67B59D6A-7EDA-4C34-81D6-C2557C85D164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBA40B6-8FDF-41AA-8166-F491FF7F3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E2B72-A428-4BB3-B6F8-0AF5E487A807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "945FF149-3446-4905-BCA1-C397E3497B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8E446DBD-FEFA-4D22-9C9D-51F61C01E414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8DE728-78E1-4F9F-BC56-CD9B10E61287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "80E31CC6-9356-4BB7-9F49-320AAF341E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB8AD3A-9181-459A-9AF2-B3FC6BAF6FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3E7199-8FB7-4930-9C0A-A36A698940B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2AF1D9-33B6-4B2C-9269-426B6B720164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84B70263-37AA-4539-A286-12038A3792C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E46E4B4-808C-4B47-81D9-EC2B02A5E57B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF30D7F-353B-4496-9A89-4EF2BB279E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DD97DF34-35AB-4979-96E2-B23DC8556A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "95D48A71-B84E-4B6C-9603-B3373052E568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CAAB7D55-F155-43F9-A563-F2E35CFFEF26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "72243A3F-6BFD-472B-9EA4-82BE4253ED27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "E415CC22-09CA-47D2-9F1A-0BCA8960835B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F40E4A-E125-4099-A8B3-D42614AA9312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4933D9DD-A630-4A3D-9D13-9E182F5F6F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E6D530-91FC-42F4-A427-6601238E0187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC938DB-E066-407F-BDF8-61A1C41136F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDF768D-7F5A-4042-B7DD-398F65F3F094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF35BB6-C6B1-4683-A8BE-AA72CC34F5B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EC3F1891-032D-409C-904C-A415D2323DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E7B9B8D2-78B7-4B17-955B-741C7A6F6634",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CA2A940-BD69-4D35-AF12-432CB929248B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29BD13F9-86C8-44C4-A860-9A87870A518E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la funci\u00f3n com_print_typeinfo en PHP v5.4.3 y anteriores, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o ejecutar c\u00f3digo de su elecci\u00f3n mediante argumentos que provocan una gesti\u00f3n incorrecta de objetos COM de tipo VARIAN, como el explotado en mayo de 2012."
}
],
"id": "CVE-2012-2376",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-21T15:55:02.117",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://isc.sans.edu/diary.html?storyid=13255"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2012/05/20/2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/18861/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1027089"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=823464"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://isc.sans.edu/diary.html?storyid=13255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2012/05/20/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/18861/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=823464"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75778"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 3.0.1 | |
| php | php | 3.0.2 | |
| php | php | 3.0.3 | |
| php | php | 3.0.4 | |
| php | php | 3.0.5 | |
| php | php | 3.0.6 | |
| php | php | 3.0.7 | |
| php | php | 3.0.8 | |
| php | php | 3.0.9 | |
| php | php | 3.0.10 | |
| php | php | 3.0.11 | |
| php | php | 3.0.12 | |
| php | php | 3.0.13 | |
| php | php | 3.0.14 | |
| php | php | 3.0.15 | |
| php | php | 3.0.16 | |
| php | php | 3.0.17 | |
| php | php | 3.0.18 | |
| php | php | 4.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "691BB8BB-329A-4640-B758-7590C99B5E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC4CCE-2774-463E-82EA-36CD442D3A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C478024C-2FCD-463F-A75E-E04660AA9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC9C32F4-5102-4E9B-9F32-B24B65A5ED2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BD99C0-E875-496E-BE5E-A8DCBD414B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1851ADE5-C70C-46E0-941A-6ADF7DB5C126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "69DA3BA2-AF53-4C9D-93FA-0317841595B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0CFEE5-2274-4BBC-A24A-3A0D13F607FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "67B59D6A-7EDA-4C34-81D6-C2557C85D164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AEBA40B6-8FDF-41AA-8166-F491FF7F3118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E74E2B72-A428-4BB3-B6F8-0AF5E487A807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2F1D82-8E6A-4FBF-9055-A0F395DC17FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "945FF149-3446-4905-BCA1-C397E3497B58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8E446DBD-FEFA-4D22-9C9D-51F61C01E414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8DE728-78E1-4F9F-BC56-CD9B10E61287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "80E31CC6-9356-4BB7-9F49-320AAF341E1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1BB8AD3A-9181-459A-9AF2-B3FC6BAF6FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3E7199-8FB7-4930-9C0A-A36A698940B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "419867C6-37BE-43B4-BFE0-6325FEE3807D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "37896E87-95C2-4039-8362-BC03B1C56706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8667FBC6-04B6-40E5-93B3-6C22BEED4B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC6A6F47-5C7C-4F82-B23B-9C959C69B27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE1A4DA6-6181-43A8-B0D8-5A016C3E75FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6E36203C-1392-49BB-AE7E-49626963D673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments."
}
],
"id": "CVE-2002-2309",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000605.html"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/archive/1/283586"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/9646.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/5280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000605.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/archive/1/283586"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/9646.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/5280"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-08 20:29
Modified
2025-04-20 01:37
Severity ?
Summary
/ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers to execute arbitrary code. NOTE: Introduced as part of an incomplete fix to CVE-2015-6833.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00007.html | Third Party Advisory | |
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2016-2750.html | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | http://www.securityfocus.com/bid/98999 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1347772 | Exploit, Issue Tracking, Patch, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00007.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2016-2750.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98999 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1347772 | Exploit, Issue Tracking, Patch, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.6.11 | |
| php | php | 5.6.12 | |
| php | php | 5.6.13 | |
| php | php | 5.6.14 | |
| php | php | 5.6.15 | |
| php | php | 5.6.16 | |
| php | php | 5.6.17 | |
| php | php | 5.6.18 | |
| php | php | 5.6.19 | |
| php | php | 5.6.20 | |
| php | php | 5.6.21 | |
| php | php | 5.6.22 | |
| php | php | 7.0.7 | |
| suse | linux_enterprise_module_for_web_scripting | 12 | |
| suse | linux_enterprise_software_development_kit | 12 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "725BBA4E-B3BA-4AFA-A284-E0CDE3EC8FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F7793408-66A2-4DE7-B5AA-E49E8A2EE043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "95840EC0-512D-468D-99B0-17E8CFDD6BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E1078D15-8073-4C04-82C2-3C8111E18B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2E5E0C-8DD7-4CF8-A7E7-28ED0FD8B0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6EE9E4-9D6E-4CCC-B116-6020DA6884BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A23E37-8B94-440A-8014-389AC5389A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5E20AF-724B-4DBD-9AED-920375666B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "FD008BBB-10C9-48E2-97B8-6B86B54FD48E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*",
"matchCriteriaId": "90727984-6853-4348-B3CD-4869788117FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB58393-0C10-413C-8D95-6BAA8BC19A1B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_module_for_web_scripting:12:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D0C550-7769-4004-B1A8-7FB8215AEFC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5A633996-2FD7-467C-BAA6-529E16BD06D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "/ext/phar/phar_object.c in PHP 7.0.7 and 5.6.x allows remote attackers to execute arbitrary code. NOTE: Introduced as part of an incomplete fix to CVE-2015-6833."
},
{
"lang": "es",
"value": "/ext/phar/phar_object.c en PHP 7.0.7 y 5.6.x permite a atacantes remotos ejecutar c\u00f3digo arbitrario. NOTA: completa la informaci\u00f3n del CVE-2015-6833."
}
],
"id": "CVE-2016-4473",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-08T20:29:00.217",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00007.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98999"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347772"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-26 22:15
Modified
2024-11-21 01:27
Severity ?
Summary
SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when using non-ASCII-compatible encodings in conjunction PDO_MySql in PHP before 5.3.6.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zend | zend_framework | * | |
| zend | zend_framework | * | |
| php | php | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zend:zend_framework:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5191A23-BD5C-49FB-B76E-24BF59BE6E19",
"versionEndExcluding": "1.10.9",
"versionStartIncluding": "1.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zend:zend_framework:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D309B4-171B-440F-9F85-E9F2F4C9F9AF",
"versionEndExcluding": "1.11.6",
"versionStartIncluding": "1.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAC569B2-A261-4D43-B677-F566568D42E9",
"versionEndExcluding": "5.3.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Zend Framework 1.10.x before 1.10.9 and 1.11.x before 1.11.6 when using non-ASCII-compatible encodings in conjunction PDO_MySql in PHP before 5.3.6."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n SQL en Zend Framework versiones 1.10.x anteriores a la versi\u00f3n 1.10.9 y versiones 1.11.x anteriores a la versi\u00f3n 1.11.6, cuando son utilizadas codificaciones no compatibles con ASCII junto con PDO_MySql en PHP versiones anteriores a la versi\u00f3n 5.3.6."
}
],
"id": "CVE-2011-1939",
"lastModified": "2024-11-21T01:27:21.067",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-26T22:15:14.133",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201408-01.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/47919"
},
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://access.redhat.com/security/cve/cve-2011-1939"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://bugs.php.net/bug.php?id=47802"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1939"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://framework.zend.com/security/advisory/ZF2011-02"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2011-1939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201408-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/47919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://access.redhat.com/security/cve/cve-2011-1939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://bugs.php.net/bug.php?id=47802"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://framework.zend.com/security/advisory/ZF2011-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2011-1939"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-18 11:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226."
},
{
"lang": "es",
"value": "M\u00faltiples errores de signo de enteros en la funci\u00f3n gdImageCrop en ext/gd/gd.c en PHP 5.5.x anterior a 5.5.9 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) u obtener informaci\u00f3n sensible a trav\u00e9s de una llamada de la funci\u00f3n imagecrop con un valor negativo para la dimensi\u00f3n (1) x o (2) y, una vulnerabilidad diferente a CVE-2013-7226."
}
],
"id": "CVE-2013-7328",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-18T11:55:16.400",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=8f4a5373bb71590352fd934028d6dde5bc18530b"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2126-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=66356"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=8f4a5373bb71590352fd934028d6dde5bc18530b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2126-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=66356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065108"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-07 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.6.11 | |
| php | php | 5.6.12 | |
| php | php | 5.6.13 | |
| php | php | 5.6.14 | |
| php | php | 5.6.15 | |
| php | php | 5.6.16 | |
| php | php | 5.6.17 | |
| php | php | 5.6.18 | |
| php | php | 5.6.19 | |
| php | php | 5.6.20 | |
| php | php | 5.6.21 | |
| php | php | 5.6.22 | |
| php | php | 5.6.23 | |
| php | php | 7.0.0 | |
| php | php | 7.0.1 | |
| php | php | 7.0.2 | |
| php | php | 7.0.3 | |
| php | php | 7.0.4 | |
| php | php | 7.0.5 | |
| php | php | 7.0.6 | |
| php | php | 7.0.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44C85C39-7022-488D-8473-DB55CF456D7E",
"versionEndIncluding": "5.5.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "725BBA4E-B3BA-4AFA-A284-E0CDE3EC8FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F7793408-66A2-4DE7-B5AA-E49E8A2EE043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "95840EC0-512D-468D-99B0-17E8CFDD6BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E1078D15-8073-4C04-82C2-3C8111E18B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2E5E0C-8DD7-4CF8-A7E7-28ED0FD8B0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6EE9E4-9D6E-4CCC-B116-6020DA6884BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A23E37-8B94-440A-8014-389AC5389A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5E20AF-724B-4DBD-9AED-920375666B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "FD008BBB-10C9-48E2-97B8-6B86B54FD48E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.22:*:*:*:*:*:*:*",
"matchCriteriaId": "90727984-6853-4348-B3CD-4869788117FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.23:*:*:*:*:*:*:*",
"matchCriteriaId": "08AA5F56-9D59-436E-BEB8-68A8A73B6D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C2D8FE-C380-4B43-B634-A3DBA4700A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB58393-0C10-413C-8D95-6BAA8BC19A1B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object."
},
{
"lang": "es",
"value": "php_zip.c en la extension zip en PHP en versiones anteriores a 5.5.37, 5.6.x en versiones anteriores a 5.6.23 y 7.x en versiones anteriores 7.0.8 interact\u00faa incorrectamente con la implementaci\u00f3n no serializada y la recolecci\u00f3n de basura, lo que permite a atacantes remotos ejecutar un c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (uso despu\u00e9s de liberaci\u00f3n y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de datos serializados manipulados que contienen un objeto ZipArchive."
}
],
"id": "CVE-2016-5773",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-07T10:59:21.650",
"references": [
{
"source": "cve@mitre.org",
"url": "http://github.com/php/php-src/commit/f6aef68089221c5ea047d4a74224ee3deead99a6?w=1"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Release Notes"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Release Notes"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3618"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/91397"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=72434"
},
{
"source": "cve@mitre.org",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/HT207170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://github.com/php/php-src/commit/f6aef68089221c5ea047d4a74224ee3deead99a6?w=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Release Notes"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Release Notes"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=72434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT207170"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-10 22:19
Modified
2025-04-09 00:30
Severity ?
Summary
The import_request_variables function in PHP 4.0.7 through 4.4.6, and 5.x before 5.2.2, when called without a prefix, does not prevent the (1) GET, (2) POST, (3) COOKIE, (4) FILES, (5) SERVER, (6) SESSION, and other superglobals from being overwritten, which allows remote attackers to spoof source IP address and Referer data, and have other unspecified impact. NOTE: it could be argued that this is a design limitation of PHP and that only the misuse of this feature, i.e. implementation bugs in applications, should be included in CVE. However, it has been fixed by the vendor.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 4.4.5 | |
| php | php | 4.4.6 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2AF1D9-33B6-4B2C-9269-426B6B720164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84B70263-37AA-4539-A286-12038A3792C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The import_request_variables function in PHP 4.0.7 through 4.4.6, and 5.x before 5.2.2, when called without a prefix, does not prevent the (1) GET, (2) POST, (3) COOKIE, (4) FILES, (5) SERVER, (6) SESSION, and other superglobals from being overwritten, which allows remote attackers to spoof source IP address and Referer data, and have other unspecified impact. NOTE: it could be argued that this is a design limitation of PHP and that only the misuse of this feature, i.e. implementation bugs in applications, should be included in CVE. However, it has been fixed by the vendor."
},
{
"lang": "es",
"value": "La funci\u00f3n import_request_variables en PHP versi\u00f3n 4.0.7 hasta 4.4.6 y versi\u00f3n 5.x anterior a 5.2.2, cuando se llama sin prefijo, no impide que (1) GET, (2) POST, (3) COOKIE, (4) FILES, (5) SERVER, (6) SESSION y otras super globales se sobrescriban, lo que permite a atacantes remotos suplantar la direcci\u00f3n IP de origen y el datos Referer, y tienen otro impacto no especificado. NOTA: se podr\u00eda argumentar que se trata de una limitaci\u00f3n de dise\u00f1o de PHP y que s\u00f3lo el uso inapropiado de esta caracter\u00edstica, es decir, errores de implementaci\u00f3n en aplicaciones, debe incluirse en el CVE. Sin embargo, ha sido corregido por el proveedor."
}
],
"id": "CVE-2007-1396",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-10T22:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26048"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2406"
},
{
"source": "cve@mitre.org",
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"source": "cve@mitre.org",
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/462263/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/462457/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/462658/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/462800/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/22886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://us2.php.net/releases/4_4_7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://us2.php.net/releases/5_2_2.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/462263/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/462457/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/462658/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/462800/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22886"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat does not consider this to be a security vulnerability. Using import_request_variables() is generally a discouraged practice and it is improper use that can lead to security problems, not flaw of PHP itself.\n",
"lastModified": "2007-03-19T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-11-29 11:03
Modified
2025-04-03 01:03
Severity ?
Summary
CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC6A6F47-5C7C-4F82-B23B-9C959C69B27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE1A4DA6-6181-43A8-B0D8-5A016C3E75FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6E36203C-1392-49BB-AE7E-49626963D673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2:*:dev:*:*:*:*:*",
"matchCriteriaId": "BBA861A2-F0CD-4DBB-B43A-4970EB114DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E3797AB5-9E49-4251-A212-B6E5D9996764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the \"To\" address argument."
}
],
"id": "CVE-2005-3883",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-29T11:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "http://bugs.php.net/bug.php?id=35307"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0276.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17763"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18054"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18198"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/19832"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20210"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20951"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015296"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-129.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:238"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.php.net/release_5_1_0.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/419504/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/15571"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2685"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23270"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10332"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-232-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.php.net/bug.php?id=35307"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0276.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17763"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20210"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-129.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.php.net/release_5_1_0.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/419504/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/15571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-232-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-27 08:15
Modified
2024-11-21 05:48
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@php.net | https://bugs.php.net/bug.php?id=81708 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| security@php.net | https://security.gentoo.org/glsa/202209-20 | Third Party Advisory | |
| security@php.net | https://security.netapp.com/advisory/ntap-20220325-0004/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.php.net/bug.php?id=81708 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202209-20 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20220325-0004/ | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07B88F14-3867-49F4-8BE6-64E1D98927AB",
"versionEndExcluding": "7.4.28",
"versionStartIncluding": "7.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC80C1D0-09AC-43B1-A653-7ECFB37DC42E",
"versionEndExcluding": "8.0.16",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E795BC-F012-4904-B445-D76E358EC66D",
"versionEndExcluding": "8.1.3",
"versionStartIncluding": "8.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits."
},
{
"lang": "es",
"value": "En PHP versiones 7.4.x anteriores a 7.4.28, versiones 8.0.x anteriores a 8.0.16 y versiones 8.1.x anteriores a 8.1.3, cuando son usados funciones de filtrado con el filtro FILTER_VALIDATE_FLOAT y los l\u00edmites m\u00ednimo/m\u00e1ximo, si el filtro falla, se presenta la posibilidad de que sea activado el uso de la memoria asignada despu\u00e9s de liberarla, lo que puede resultar en un bloqueo, y potencialmente la sobreescritura de otros trozos de memoria y RCE. Este problema afecta a: el c\u00f3digo que usa FILTER_VALIDATE_FLOAT con l\u00edmites m\u00edn/m\u00e1x."
}
],
"id": "CVE-2021-21708",
"lastModified": "2024-11-21T05:48:52.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "security@php.net",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-27T08:15:06.817",
"references": [
{
"source": "security@php.net",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=81708"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202209-20"
},
{
"source": "security@php.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220325-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=81708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202209-20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20220325-0004/"
}
],
"sourceIdentifier": "security@php.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "security@php.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-03-25 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections."
},
{
"lang": "es",
"value": "PHP 4.0 a 4.1.1 almacena IDs en archivos temporales cuyo nombre contiene la sesi\u00f3n ID, que permite a usuarios locales secuestrar conexiones de web."
}
],
"id": "CVE-2002-0121",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-03-25T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://online.securityfocus.com/archive/1/250196"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/7908.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/3873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://online.securityfocus.com/archive/1/250196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/7908.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/3873"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7883E465-932D-4C11-AA54-97E44181F906",
"versionEndIncluding": "10.10.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D712E27-BB9C-4626-BFD2-12E50F9C2FD4",
"versionEndIncluding": "5.4.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.39:*:*:*:*:*:*:*",
"matchCriteriaId": "14D652D3-59BB-4BCA-95E4-87A8102154CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AC63A449-5D92-4F5F-8186-B58FFFBA54FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F18236F6-2065-4A6A-93E7-FD90E650C689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFBA84A-A4E4-438B-B9B5-8549809DCECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "146D3DC9-50F4-430B-B321-68ECE78879A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5A7CA6-7653-46C5-8DF7-95584BF7A879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "59A42F02-F363-4C13-BE83-19F757B84455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \\0 character, which allows remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive."
},
{
"lang": "es",
"value": "La funci\u00f3n phar_parse_tarfile en ext/phar/tar.c en PHP anterior a 5.4.41, 5.5.x anterior a 5.5.25, y 5.6.x anterior a 5.6.9 no verifica que el primer caracter de un nombre de fichero es diferente al caracter \\0, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (desbordamientos de enteros y corrupci\u00f3n de memoria) a trav\u00e9s de una entrada manipulada en un archivo tar."
}
],
"id": "CVE-2015-4021",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-09T18:59:04.567",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/74700"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032433"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=69453"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/kb/HT205031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugs.php.net/bug.php?id=69453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT205031"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-06-20 21:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple buffer overflows in libtidy, as used in the Tidy extension for PHP 5.2.3 and possibly other products, allow context-dependent attackers to execute arbitrary code via (1) a long second argument to the tidy_parse_string function or (2) an unspecified vector to the tidy_repair_string function. NOTE: this might only be an issue in environments where vsnprintf is implemented as a wrapper for vsprintf.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in libtidy, as used in the Tidy extension for PHP 5.2.3 and possibly other products, allow context-dependent attackers to execute arbitrary code via (1) a long second argument to the tidy_parse_string function or (2) an unspecified vector to the tidy_repair_string function. NOTE: this might only be an issue in environments where vsnprintf is implemented as a wrapper for vsprintf."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en libtidy, como es usado en la extensi\u00f3n Tidy para PHP versi\u00f3n 5.2.3 y posiblemente otros productos, permiten a atacantes dependiendo del contexto ejecutar c\u00f3digo arbitrario por medio de (1) un segundo argumento largo en la funci\u00f3n tidy_parse_string o (2) un vector no especificado en la funci\u00f3n tidy_repair_string. NOTA: esto solo puede ser un problema en entornos donde vsnprintf se implementa como un contenedor para vsprintf."
}
],
"id": "CVE-2007-3294",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-06-20T21:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36853"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25735"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34931"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/4080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25735"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/4080"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. PHP is not complied with the tidy library as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5, or Red Hat Application Stack v1 or v2.",
"lastModified": "2007-09-28T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-02 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 7.0.0 | |
| php | php | 7.0.1 | |
| php | php | 7.0.2 | |
| php | php | 7.0.3 | |
| php | php | 7.0.4 | |
| php | php | 7.0.5 | |
| php | php | 7.0.6 | |
| php | php | 7.0.7 | |
| php | php | 7.0.8 | |
| php | php | 7.0.9 | |
| php | php | 7.0.10 | |
| php | php | 7.0.11 | |
| php | php | 7.0.12 | |
| php | php | 7.0.13 | |
| php | php | 7.0.14 | |
| php | php | 7.0.15 | |
| php | php | 7.0.16 | |
| php | php | 7.0.17 | |
| php | php | 7.0.18 | |
| php | php | 7.0.19 | |
| php | php | 7.0.20 | |
| php | php | 7.1.0 | |
| php | php | 7.1.1 | |
| php | php | 7.1.2 | |
| php | php | 7.1.3 | |
| php | php | 7.1.4 | |
| php | php | 7.1.5 | |
| php | php | 7.1.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "399EA21A-9B46-4F4F-9A33-4DC557B11743",
"versionEndIncluding": "5.6.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6890AF-8A0A-46EE-AAD5-CF9AAE14A321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6B90B947-7B54-47F3-9637-2F4AC44079EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "35848414-BD5D-4164-84DC-61ABBB1C4152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F8402-8551-4F66-A9A7-81D472AB058E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A773E8E-48CD-4D35-A0FD-629BD9334486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC492340-79AF-4676-A161-079A97EC6F0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C2D8FE-C380-4B43-B634-A3DBA4700A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB58393-0C10-413C-8D95-6BAA8BC19A1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "751F51CA-9D88-4971-A6EC-8C0B72E8E22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "37B74118-8FC2-44CB-9673-A83DF777B2E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4D56A200-1477-40DA-9444-CFC946157C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FD0D1CCC-A857-4C15-899E-08F9255CEE34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6745CC43-2836-4CD8-848F-EEA08AE9D5AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "7BEB6696-14F9-4D9B-9974-B682FFBB828E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "04146390-021D-4147-9830-9EAA90D120A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "5B124547-DC1D-4A92-B8AB-8A1900063786",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "F45B2127-CF3D-4D59-9042-AE6DF2908319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "29A450E3-931F-4487-A76D-80A38210297A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C099A0C4-883D-42ED-8359-FFD3ADD692A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD07432-5A23-491E-892E-42F0F58307D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "19627ECC-9342-4917-8FCC-7757339E3242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C68AA43-ED90-4B98-A5F8-4E210C2CC7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2466D297-9442-40B0-A1A7-F9D166396CF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EADBF7EE-18DC-49F9-BF2F-A09BBAE76F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1726E9B6-A7FA-402B-A911-0CE81C623087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C3670FF7-2CA3-41A4-92FE-0123497E4E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1C22CE03-DFE5-4CD3-B229-10B219A55434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C258AF27-84DF-4FC3-A651-1349BB567FB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information."
},
{
"lang": "es",
"value": "La funci\u00f3n de descodificaci\u00f3n de GIF \"gdImageCreateFromGifCtx \" en gd_gif_in.c en GD Graphics Library (tambi\u00e9n conocido como libgd),que se usa en PHP en versiones anteriores a la 5.6.31 y en todas las 7.x anteriores a la 7.1.7, no asigna el valor cero a los objetos array colorMap antes de usarse. Una imagen GIF especialmente manipulada podr\u00eda utilizar las tablas no inicializadas para leer sobre 700 bytes por encima de la pila, pudiendo divulgar informaci\u00f3n sensible."
}
],
"id": "CVE-2017-7890",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-02T19:29:00.897",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2017/dsa-3938"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99492"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2018:0406"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=74435"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/patch-display.php?bug=74435\u0026patch=fix-74435-php-7.0\u0026revision=1497970038"
},
{
"source": "cve@mitre.org",
"url": "https://security.netapp.com/advisory/ntap-20180112-0001/"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/security/tns-2017-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99492"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:0406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=74435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.php.net/patch-display.php?bug=74435\u0026patch=fix-74435-php-7.0\u0026revision=1497970038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20180112-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/tns-2017-12"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-09 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D712E27-BB9C-4626-BFD2-12E50F9C2FD4",
"versionEndIncluding": "5.4.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.4.39:*:*:*:*:*:*:*",
"matchCriteriaId": "14D652D3-59BB-4BCA-95E4-87A8102154CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AC63A449-5D92-4F5F-8186-B58FFFBA54FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F18236F6-2065-4A6A-93E7-FD90E650C689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFBA84A-A4E4-438B-B9B5-8549809DCECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "146D3DC9-50F4-430B-B321-68ECE78879A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5A7CA6-7653-46C5-8DF7-95584BF7A879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "59A42F02-F363-4C13-BE83-19F757B84455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7883E465-932D-4C11-AA54-97E44181F906",
"versionEndIncluding": "10.10.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en la funci\u00f3n ftp_genlist en ext/ftp/ftp.c en PHP anterior a 5.4.41, 5.5.x anterior a 5.5.25, y 5.6.x anterior a 5.6.9 permite a servidores FTP remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una contestaci\u00f3n larga a un comando LIST, que conduce a un desbordamiento de buffer basado en memoria din\u00e1mica."
}
],
"id": "CVE-2015-4022",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-09T18:59:05.833",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/74902"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032433"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=69545"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/kb/HT205031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/74902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=69545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT205031"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-06-30 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5EFBC9-2F17-44CD-8298-3D0BA0B48F4C",
"versionEndIncluding": "4.1.0",
"versionStartIncluding": "4.0.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters."
}
],
"id": "CVE-2001-1246",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-06-30T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://online.securityfocus.com/archive/1/194425"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/6787.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.php.net/do_download.php?download_file=php-4.1.2.tar.gz"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-102.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-129.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-159.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/2954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://online.securityfocus.com/archive/1/194425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/6787.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.php.net/do_download.php?download_file=php-4.1.2.tar.gz"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-102.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-129.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-159.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/2954"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-02-14 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 | |
| php | php | 5.2.2 | |
| php | php | 5.2.3 | |
| php | php | 5.2.4 | |
| php | php | 5.2.5 | |
| php | php | 5.2.6 | |
| php | php | 5.2.7 | |
| php | php | 5.2.8 | |
| php | php | 5.2.9 | |
| php | php | 5.2.10 | |
| php | php | 5.2.11 | |
| php | php | 5.2.12 | |
| php | php | 5.2.14 | |
| php | php | 5.2.15 | |
| php | php | 5.2.16 | |
| php | php | 5.2.17 | |
| php | php | 5.3.0 | |
| php | php | 5.3.1 | |
| php | php | 5.3.2 | |
| php | php | 5.3.3 | |
| php | php | 5.3.4 | |
| php | php | 5.3.5 | |
| php | php | 5.3.6 | |
| php | php | 5.3.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C09D791-3577-4B41-821D-C3965FEF8FCC",
"versionEndIncluding": "5.3.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "95D48A71-B84E-4B6C-9603-B3373052E568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CAAB7D55-F155-43F9-A563-F2E35CFFEF26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "72243A3F-6BFD-472B-9EA4-82BE4253ED27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "E415CC22-09CA-47D2-9F1A-0BCA8960835B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0F40E4A-E125-4099-A8B3-D42614AA9312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4933D9DD-A630-4A3D-9D13-9E182F5F6F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E6D530-91FC-42F4-A427-6601238E0187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC938DB-E066-407F-BDF8-61A1C41136F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDF768D-7F5A-4042-B7DD-398F65F3F094",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de PDORow en PHP anterior a v5.3.9 no interact\u00faan adecuadamente con la funci\u00f3n de la sesi\u00f3n, que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de una aplicaci\u00f3n hecha a mano que utiliza un controlador para una DOP a buscar y luego llama a la funci\u00f3n session_start , como lo demuestra una ca\u00edda del servidor HTTP Apache."
}
],
"id": "CVE-2012-0788",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-02-14T15:55:00.883",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48668"
},
{
"source": "secalert@redhat.com",
"url": "http://www.php.net/ChangeLog-5.php#5.3.9"
},
{
"source": "secalert@redhat.com",
"url": "https://bugs.php.net/bug.php?id=55776"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=783605"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php#5.3.9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.php.net/bug.php?id=55776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=783605"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-06 01:19
Modified
2025-04-09 00:30
Severity ?
Summary
PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain convert_to_* functions with its input parameters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 4.4.5 | |
| php | php | 4.4.6 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 | |
| php | php | 5.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "419867C6-37BE-43B4-BFE0-6325FEE3807D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "37896E87-95C2-4039-8362-BC03B1C56706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8667FBC6-04B6-40E5-93B3-6C22BEED4B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:patch1:*:*:*:*:*:*",
"matchCriteriaId": "9B8B3138-3DCC-4682-B9A8-920E1110700D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC6A6F47-5C7C-4F82-B23B-9C959C69B27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE1A4DA6-6181-43A8-B0D8-5A016C3E75FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6E36203C-1392-49BB-AE7E-49626963D673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2:*:dev:*:*:*:*:*",
"matchCriteriaId": "BBA861A2-F0CD-4DBB-B43A-4970EB114DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C2AF1D9-33B6-4B2C-9269-426B6B720164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84B70263-37AA-4539-A286-12038A3792C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E3797AB5-9E49-4251-A212-B6E5D9996764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain convert_to_* functions with its input parameters."
},
{
"lang": "es",
"value": "PHP 4.0.0 hasta 4.4.6 y 5.0.0 hasta 5.2.1 permite a atacantes dependientes del contexto leer localizaciones de memoria de su elecci\u00f3n a trav\u00e9s de una interrupci\u00f3n que dispara el manejador del espacio de error del usuario que cambia un par\u00e1metro a un puntero de su elecci\u00f3n, como se demostr\u00f3 a trav\u00e9s de la funci\u00f3n, lo cual llama a ciertas funciones convert_to_* con sus propios par\u00e1metros de entrada."
}
],
"id": "CVE-2007-1883",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-06T01:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24542"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27102"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.php-security.org/MOPB/MOPB-37-2007.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.php-security.org/MOPB/MOPB-37-2007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33750"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "The PHP interpreter does not offer a reliable \u0026quot;sandboxed\u0026quot; security\nlayer (as found in, say, a JVM) in which untrusted scripts can be run;\nany script run by the PHP interpreter must be trusted with the\nprivileges of the interpreter itself. We therefore do not classify\nthis issue as security-sensitive since no trust boundary is crossed.\n",
"lastModified": "2007-04-16T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-09-17 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D860D77C-575A-48A1-9475-485D26EF5E41",
"versionEndIncluding": "5.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object."
},
{
"lang": "es",
"value": "ext/standard/var_unserializer.re en PHP en versiones anteriores a 5.6.26 no maneja correctamente los fallos de deserializaci\u00f3n de objeto, lo que podr\u00eda permitir a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o tener otro posible impacto no especificado a trav\u00e9s de una llamada no serializada que referencia a un objeto construido parcialmente."
}
],
"id": "CVE-2016-7411",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-17T21:59:02.573",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/15/10"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/93009"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1036836"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugs.php.net/bug.php?id=73052"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43?w=1"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201611-22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/15/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://bugs.php.net/bug.php?id=73052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/php/php-src/commit/6a7cc8ff85827fa9ac715b3a83c2d9147f33cd43?w=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201611-22"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-23 19:17
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple buffer overflows in the php_ntuser component for PHP 5.2.3 allow context-dependent attackers to cause a denial of service or execute arbitrary code via long arguments to the (1) ntuser_getuserlist, (2) ntuser_getuserinfo, (3) ntuser_getusergroups, or (4) ntuser_getdomaincontroller functions.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the php_ntuser component for PHP 5.2.3 allow context-dependent attackers to cause a denial of service or execute arbitrary code via long arguments to the (1) ntuser_getuserlist, (2) ntuser_getuserinfo, (3) ntuser_getusergroups, or (4) ntuser_getdomaincontroller functions."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en el componente php_ntuser para PHP 5.2.3 permite a atacantes locales o remotos (dependiendo del contexto) provocar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo de su elecci\u00f3n mediante argumentos largos para las funciones (1) ntuser_getuserlist, (2) ntuser_getuserinfo, (3) ntuser_getusergroups, o (4) ntuser_getdomaincontroller."
}
],
"id": "CVE-2007-4507",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-23T19:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/4304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/4304"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of php as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5, or Red Hat Application Stack 1.\n",
"lastModified": "2007-08-24T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-27 01:19
Modified
2025-04-09 00:30
Severity ?
Summary
The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the session_register after unsetting HTTP_SESSION_VARS and _SESSION, which destroys the session data Hashtable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0 | |
| php | php | 4.0.0 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.1 | |
| php | php | 4.0.2 | |
| php | php | 4.0.3 | |
| php | php | 4.0.3 | |
| php | php | 4.0.4 | |
| php | php | 4.0.4 | |
| php | php | 4.0.5 | |
| php | php | 4.0.6 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.0.7 | |
| php | php | 4.1.0 | |
| php | php | 4.1.1 | |
| php | php | 4.1.2 | |
| php | php | 4.2 | |
| php | php | 4.2.0 | |
| php | php | 4.2.1 | |
| php | php | 4.2.2 | |
| php | php | 4.2.3 | |
| php | php | 4.3.0 | |
| php | php | 4.3.1 | |
| php | php | 4.3.2 | |
| php | php | 4.3.3 | |
| php | php | 4.3.4 | |
| php | php | 4.3.5 | |
| php | php | 4.3.6 | |
| php | php | 4.3.7 | |
| php | php | 4.3.8 | |
| php | php | 4.3.9 | |
| php | php | 4.3.10 | |
| php | php | 4.3.11 | |
| php | php | 4.4.0 | |
| php | php | 4.4.1 | |
| php | php | 4.4.2 | |
| php | php | 4.4.3 | |
| php | php | 4.4.4 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.0 | |
| php | php | 5.0.1 | |
| php | php | 5.0.2 | |
| php | php | 5.0.3 | |
| php | php | 5.0.4 | |
| php | php | 5.0.5 | |
| php | php | 5.1.0 | |
| php | php | 5.1.1 | |
| php | php | 5.1.2 | |
| php | php | 5.1.3 | |
| php | php | 5.1.4 | |
| php | php | 5.1.5 | |
| php | php | 5.1.6 | |
| php | php | 5.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8212495A-0F2A-4787-93F2-F6618F9A777B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "C6F0F8FC-C57A-4AEA-A59F-41140347318A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF57C14-86B6-419A-BAFF-93D01CB1E081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78BAA18C-E5A0-4210-B64B-709BBFF31EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "419867C6-37BE-43B4-BFE0-6325FEE3807D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "37896E87-95C2-4039-8362-BC03B1C56706",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13A159B4-B847-47DE-B7F8-89384E6C551B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57B59616-A309-40B4-94B1-50A7BC00E35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "8667FBC6-04B6-40E5-93B3-6C22BEED4B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0F39A1B1-416E-4436-8007-733B66904A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.4:patch1:*:*:*:*:*:*",
"matchCriteriaId": "9B8B3138-3DCC-4682-B9A8-920E1110700D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5FC218-3DDB-4981-81C9-6C69F8DA6F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC2E5F96-66D2-4F99-A74D-6A2305EE218E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2D724D09-0D45-4701-93C9-348301217C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC6A6F47-5C7C-4F82-B23B-9C959C69B27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "AE1A4DA6-6181-43A8-B0D8-5A016C3E75FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0.7:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6E36203C-1392-49BB-AE7E-49626963D673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6713614A-B14E-4A85-BF89-ED780068FC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD95F8EB-B428-4B3C-9254-A5DECE03A989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "069EB7EE-06B9-454F-9007-8DE5DCA33C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2:*:dev:*:*:*:*:*",
"matchCriteriaId": "BBA861A2-F0CD-4DBB-B43A-4970EB114DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF5BE6-09EA-45AD-93BF-2BEF1742534E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1460DF-1687-4314-BF1A-01290B20302D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470380B0-3982-48FC-871B-C8B43C81900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAA7712-10F0-4BB6-BAFB-D0806AFD9DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "221B9AC4-C63C-4386-B3BD-E4BC102C6124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78B7BA75-2A32-4A8E-ADF8-BCB4FC48CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BEA491B-77FD-4760-8F6F-3EBC6BD810D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB25CFBB-347C-479E-8853-F49DD6CBD7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2937B3-D034-400E-84F5-33833CE3764D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71AEE8B4-FCF8-483B-8D4C-2E80A02E925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0F9D7662-A5B6-41D0-B6A1-E5ABC5ABA47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E3797AB5-9E49-4251-A212-B6E5D9996764",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D61D9CE9-F7A3-4F52-9D4E-B2473804ECB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7007E77F-60EF-44D8-9676-15B59DF1325F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E727CECE-E452-489A-A42F-5A069D6AF80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "149A1FB8-593E-412B-8E1C-3E560301D500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5D6E8982-D7AE-4A52-8F7C-A4D59D2A2CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8FC144FA-8F84-44C0-B263-B639FEAD20FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "295907B4-C3DE-4021-BE3B-A8826D4379E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DBC98F82-6E1D-4A89-8ED4-ECD9BD954EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "B881352D-954E-4FC0-9E42-93D02A3F3089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17437AED-816A-4CCF-96DE-8C3D0CC8DB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E7AE59-1CB0-4300-BBE0-109F909789EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9222821E-370F-4616-B787-CC22C2F4E7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9809449F-9A76-4318-B233-B4C2950A6EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA962D4-A4EC-4DC3-B8A9-D10941B92781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CDFEF9-C367-4800-8A2F-375C261FAE55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E43B88-1563-4EFD-9267-AE3E8C35D67A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11E5715F-A8BC-49EF-836B-BB78E1BC0790",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5FA68843-158E-463E-B68A-1ACF041C4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1874F637-77E2-4C4A-BF92-AEE96A60BFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9592B32E-55CD-42D0-901E-8319823BC820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BF34B5-F74C-4D56-9841-42452D60CB87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the session_register after unsetting HTTP_SESSION_VARS and _SESSION, which destroys the session data Hashtable."
},
{
"lang": "es",
"value": "La extensi\u00f3n session de PHP 4 anterior a 4.4.5, y PHP 5 anterior a 5.2.1, calcula la cuenta de referencia para las variables de sesi\u00f3n sin considerar el puntero interno global de sesi\u00f3n, lo cual permite a atacantes locales o remotos dependiendo del contexto ejecutar c\u00f3digo de su elecci\u00f3n mediante una cadena manipulada en session_register tras desasignar HTTP_SESSION_VARS y _SESSION, lo cual destruye la tabla asociativa (Hashtable) de datos de sesi\u00f3n."
}
],
"id": "CVE-2007-1700",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-27T01:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25056"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25057"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25062"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25423"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25445"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/25850"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.php-security.org/MOPB/MOPB-30-2007.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23119"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33520"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01056506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c01086137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php-security.org/MOPB/MOPB-30-2007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33520"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "The PHP interpreter does not offer a reliable \u0026quot;sandboxed\u0026quot; security\nlayer (as found in, say, a JVM) in which untrusted scripts can be run;\nany script run by the PHP interpreter must be trusted with the\nprivileges of the interpreter itself. We therefore do not classify\nthis issue as security-sensitive since no trust boundary is crossed.\n",
"lastModified": "2007-04-16T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-27 17:44
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions).
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18255FF5-3F40-483F-85DC-21D9B6B4FE07",
"versionEndIncluding": "5.2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions)."
},
{
"lang": "es",
"value": "Desbordamiento de entero en PHP 5.2.5 y versiones anteriores permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio y posiblemente tener otros impactos no especificados a trav\u00e9s de un par\u00e1metro de formato printf con un especificador de gran anchura, en relaci\u00f3n a la funci\u00f3n php_sprintf_appendstring en formatted_print.c y posiblemente otras funciones para cadenas de formato (tambi\u00e9n conocido como funciones *printf)."
}
],
"id": "CVE-2008-1384",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-27T17:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://cvs.php.net/viewvc.cgi/php-src/NEWS?revision=1.2027.2.547.2.1120\u0026view=markup"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30158"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30345"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30411"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30967"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31200"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32746"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200811-05.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/52"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2008/dsa-1572"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:022"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:023"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/489962/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/492535/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/492671/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28392"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-628-1"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41386"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-2503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvs.php.net/viewvc.cgi/php-src/NEWS?revision=1.2027.2.547.2.1120\u0026view=markup"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30411"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30967"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32746"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200811-05.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/52"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2008/dsa-1572"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/489962/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/492535/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/492671/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-628-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-2503"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat do not consider this to be a security vulnerability:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-1384",
"lastModified": "2008-03-28T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-01-05 20:30
Modified
2025-04-09 00:30
Severity ?
Summary
PHP 5.2.7 contains an incorrect change to the FILTER_UNSAFE_RAW functionality, and unintentionally disables magic_quotes_gpc regardless of the actual magic_quotes_gpc setting, which might make it easier for context-dependent attackers to conduct SQL injection attacks and unspecified other attacks.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PHP 5.2.7 contains an incorrect change to the FILTER_UNSAFE_RAW functionality, and unintentionally disables magic_quotes_gpc regardless of the actual magic_quotes_gpc setting, which might make it easier for context-dependent attackers to conduct SQL injection attacks and unspecified other attacks."
},
{
"lang": "es",
"value": "PHP v5.2.7 contiene un cambio incorrecto de la funcionalidad FILTER_UNSAFE_RAW, y de forma no intencionada desactiva la opci\u00f3n magic_quotes_gpc, sin importar la actual configuraci\u00f3n de magic_quotes_gpc, lo cual facilita a los atacantes, dependiendo del contexto, provocar ataques de inyecci\u00f3n SQL y otros ataques no especificados."
}
],
"id": "CVE-2008-5844",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-01-05T20:30:02.313",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://bugs.php.net/bug.php?id=42718"
},
{
"source": "cve@mitre.org",
"url": "http://bugs.php.net/bug.php?id=46759"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/ChangeLog-5.php#5.2.8"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/archive/2008.php#id2008-12-07-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.php.net/archive/2008.php#id2008-12-08-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32673"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://bugs.php.net/bug.php?id=42718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.php.net/bug.php?id=46759"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/ChangeLog-5.php#5.2.8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/archive/2008.php#id2008-12-07-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.php.net/archive/2008.php#id2008-12-08-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32673"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021393"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of the php package, as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5, and with\nRed Hat Application Stack v1 and v2. Only PHP version 5.2.7 was affected by this flaw.",
"lastModified": "2009-01-23T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-07 15:29
Modified
2024-11-21 03:50
Severity ?
Summary
An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7790A37-5872-498A-AF77-4C72F5E6535E",
"versionEndExcluding": "5.6.37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4F254A0-4FCB-4015-B4BA-FC634D47A473",
"versionEndExcluding": "7.0.31",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9AEDB1B-9295-45A4-80FE-E10DF404E267",
"versionEndExcluding": "7.1.20",
"versionStartIncluding": "7.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF1D395B-6711-40A9-8E0E-9153B8A71F04",
"versionEndExcluding": "7.2.8",
"versionStartIncluding": "7.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7A6697-98CC-4E36-93DB-B7160F8399F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn\u0027t implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en ext/standard/link_win32.c en PHP en versiones anteriores a la 5.6.37, versiones 7.0.x anteriores a la 7.0.31, versiones 7.1.x anteriores a la 7.1.20 y versiones 7.2.x anteriores a la 7.2.8. La funci\u00f3n linkinfo en Windows no implementa la comprobaci\u00f3n open_basedir. Se podr\u00eda abusar de esto para encontrar archivos en rutas fuera de los directorios permitidos."
}
],
"id": "CVE-2018-15132",
"lastModified": "2024-11-21T03:50:22.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-07T15:29:00.873",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=76459"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181107-0003/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2018-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=76459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/commit/f151e048ed27f6f4eef729f3310d053ab5da71d4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20181107-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2018-12"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation after the principal argument loop, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6837.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.6.11 | |
| php | php | 5.6.12 | |
| xmlsoft | libxml2 | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 | |
| php | php | 5.5.16 | |
| php | php | 5.5.17 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.5.23 | |
| php | php | 5.5.24 | |
| php | php | 5.5.25 | |
| php | php | 5.5.26 | |
| php | php | 5.5.27 | |
| php | php | 5.5.28 | |
| xmlsoft | libxml2 | * | |
| php | php | * | |
| xmlsoft | libxml2 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18BCA403-8F0F-4564-BE7E-1DE10408B54B",
"versionEndIncluding": "2.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "3D25E591-448C-4E3B-8557-6E48F7571796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "6DA18F3F-B4B5-40C3-BF19-67C1F0C1787D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "3AF783C9-26E7-4E02-BD41-77B9783667E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "EF49701D-ECE4-4CEB-BDAB-24C09C8AD4B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "7AEDF6F7-001D-4A35-A26F-417991AD377F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "4031DB99-B4B4-41EC-B3C1-543D92C575A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D5450EA7-A398-49D2-AA8E-7C95B074BAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "04FE0E4E-BC94-4DC9-BE9B-DC57B952B2FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "BB8E09D8-9CBE-4279-88B7-24A214A5A537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "2D41ECCE-887D-49A2-9BB3-B559495AC55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "79B418BC-27F4-4443-A0F7-FF4ADA568C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "8EEBDF62-BA1B-4438-9AEA-8B56AA5713E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "840EE3AC-5293-4F33-9E2C-96A0A2534B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0FC407-96DB-425E-BB57-7A5BA839C37F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AC63A449-5D92-4F5F-8186-B58FFFBA54FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F18236F6-2065-4A6A-93E7-FD90E650C689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFBA84A-A4E4-438B-B9B5-8549809DCECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "146D3DC9-50F4-430B-B321-68ECE78879A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5A7CA6-7653-46C5-8DF7-95584BF7A879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "59A42F02-F363-4C13-BE83-19F757B84455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.25:*:*:*:*:*:*:*",
"matchCriteriaId": "423ECD5F-5611-4D9A-8BE8-E4DC1527AF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.26:*:*:*:*:*:*:*",
"matchCriteriaId": "44FE4648-22C5-44A6-A6DF-8B235EB7DEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "23006CC4-85FB-48AF-8F3A-97BC3FD7FAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.28:*:*:*:*:*:*:*",
"matchCriteriaId": "D6393D02-3968-4B0F-A2DE-61442E95DB32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18BCA403-8F0F-4564-BE7E-1DE10408B54B",
"versionEndIncluding": "2.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2382042D-E28D-480C-9504-AC073E8A1C6C",
"versionEndIncluding": "5.4.44",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18BCA403-8F0F-4564-BE7E-1DE10408B54B",
"versionEndIncluding": "2.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation after the principal argument loop, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6837."
},
{
"lang": "es",
"value": "La funci\u00f3n xsl_function_php en ext/xsl/xsl/xsltprocessor.c en PHP en versiones anteriores a 5.4.45, 5.5.x en versiones anteriores a 5.5.29 y 5.6.x en versiones anteriores a 5.6.13, cuando se utiliza libxml2 en versiones anteriores a 2.9.2, no considera la posibilidad de un retorno NULL valuePop antes de proceder a una operaci\u00f3n libre despues del bucle del argumento principal, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un documento XML manipulado, una vulnerabilidad diferente a CVE-2015-6838."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/476.html\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e",
"id": "CVE-2015-6838",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-16T10:59:21.503",
"references": [
{
"source": "security@opentext.com",
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "security@opentext.com",
"url": "http://www.debian.org/security/2015/dsa-3358"
},
{
"source": "security@opentext.com",
"url": "http://www.securityfocus.com/bid/76733"
},
{
"source": "security@opentext.com",
"url": "http://www.securitytracker.com/id/1033548"
},
{
"source": "security@opentext.com",
"url": "https://bugs.php.net/bug.php?id=69782"
},
{
"source": "security@opentext.com",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/76733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.php.net/bug.php?id=69782"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201606-10"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-02-13 23:28
Modified
2025-04-09 00:30
Severity ?
Summary
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name before a numerical variable.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCAA3859-EAB8-4F6E-84FE-4DBBF9B1A251",
"versionEndExcluding": "4.4.5",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8CF9623-B049-425F-ADC0-3E7E94E2F7A3",
"versionEndExcluding": "5.2.1",
"versionStartIncluding": "5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDBEC461-D553-41B7-8D85-20B6A933C21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta_4_patch1:*:*:*:*:*:*",
"matchCriteriaId": "AEEF2298-98E8-409F-9205-84817CEF947B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "6AFC00BA-D64D-4407-AC69-FDD9FF013943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D80F2A8B-B57F-4970-867A-55E8187C1502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "EF4E0EFE-4FF6-4E8F-8EC5-68B059FC0C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "49965B80-DC27-4864-BDF0-CBBFF16BFD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8212495A-0F2A-4787-93F2-F6618F9A777B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:4.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "C6F0F8FC-C57A-4AEA-A59F-41140347318A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA3A32E-445A-4D39-A8D5-75F5370AD23D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
"matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "23E304C9-F780-4358-A58D-1E4C93977704",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name before a numerical variable."
},
{
"lang": "es",
"value": "El deserializador WDDX en la extensi\u00f3n wddx en PHP versi\u00f3n 5 anterior a 5.2.1 y PHP versi\u00f3n 4 anterior a 4.4.5, no inicializa apropiadamente la variable key_length para una clave num\u00e9rica, lo que permite a los atacantes dependiendo del contexto leer la memoria de pila por medio de un elemento wddxPacket que contiene un variable con un nombre de cadena anterior a una variable num\u00e9rica."
}
],
"id": "CVE-2007-0908",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-13T23:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/32766"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0089.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24089"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24195"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24217"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24236"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24248"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24284"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24295"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24322"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24419"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24421"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24432"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24514"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24606"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24642"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/2321"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.php-security.org/MOPB/MOPB-11-2007.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.php.net/ChangeLog-5.php#5.2.1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.php.net/releases/5_2_1.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0076.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0081.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0082.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0088.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/461462/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/22496"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/22806"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1017671"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.trustix.org/errata/2007/0009/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-424-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-424-2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.us.debian.org/security/2007/dsa-1264"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0546"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32493"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://issues.rpath.com/browse/RPL-1088"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/32766"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0089.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24248"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24421"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/24642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200703-21.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityreason.com/securityalert/2321"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.php-security.org/MOPB/MOPB-11-2007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.php.net/ChangeLog-5.php#5.2.1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.php.net/releases/5_2_1.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0076.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0081.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0082.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0088.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/461462/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/22496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/22806"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1017671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.trustix.org/errata/2007/0009/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-424-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/usn-424-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.us.debian.org/security/2007/dsa-1264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://issues.rpath.com/browse/RPL-1088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11185"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-07 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.6.11 | |
| php | php | 5.6.12 | |
| php | php | 5.6.13 | |
| php | php | 5.6.14 | |
| php | php | 5.6.15 | |
| php | php | 5.6.16 | |
| php | php | 5.6.17 | |
| php | php | 5.6.18 | |
| php | php | 5.6.19 | |
| php | php | 5.6.20 | |
| php | php | 5.6.21 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44C85C39-7022-488D-8473-DB55CF456D7E",
"versionEndIncluding": "5.5.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5BF4E8FF-A3EC-43E8-A0C1-FD38AFCB77B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "54ADECFC-3C07-43BC-B296-6C25AC7F1C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "FE192054-2FBB-4388-A52A-422E20DEA2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "F0195D48-3B42-4AC0-B9C5-436E01C63879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "BF0E5D67-ABC1-41A5-94E1-7DD3CDB51D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "319E0573-B1AD-40B6-B4BC-8BE67ED3EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1A7C00EB-87B7-4EB7-A4AC-8665D8C78467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "21BFCF10-786A-4D1E-9C37-50A1EC6056F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "95A6D6C8-5F46-4897-A0B0-778631E8CE6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "725BBA4E-B3BA-4AFA-A284-E0CDE3EC8FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F7793408-66A2-4DE7-B5AA-E49E8A2EE043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "95840EC0-512D-468D-99B0-17E8CFDD6BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E1078D15-8073-4C04-82C2-3C8111E18B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2E5E0C-8DD7-4CF8-A7E7-28ED0FD8B0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3E6EE9E4-9D6E-4CCC-B116-6020DA6884BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A23E37-8B94-440A-8014-389AC5389A19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5E20AF-724B-4DBD-9AED-920375666B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "FD008BBB-10C9-48E2-97B8-6B86B54FD48E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n php_html_entities en ext/standard/html.c en PHP en versiones anteriores a 5.5.36 y 5.6.x en versiones anteriores a 5.6.22 permite a atacantes remotos provocar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado desencadenando una cadena de salida grande de la funci\u00f3n htmlspecialchars."
}
],
"id": "CVE-2016-5094",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-07T10:59:07.397",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3602"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/3"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/90857"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.php.net/bug.php?id=72135"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/php/php-src/commit/0da8b8b801f9276359262f1ef8274c7812d3dfda?w=1"
},
{
"source": "cve@mitre.org",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/26/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.php.net/bug.php?id=72135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/php/php-src/commit/0da8b8b801f9276359262f1ef8274c7812d3dfda?w=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-20 20:00
Modified
2025-04-11 00:51
Severity ?
Summary
The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD02D837-FD28-4E0F-93F8-25E8D1C84A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88358D1E-BE6F-4CE3-A522-83D1FA4739E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8B97B03-7DA7-4A5F-89B4-E78CAB20DE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B00B416D-FF23-4C76-8751-26D305F0FA0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB6CDDD-70D3-4004-BCE0-8C4723076103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A782CA26-9C38-40A8-92AE-D47B14D2FCE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0E7E2A-4770-4B68-B74C-5F5A6E1876DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0892C89E-9389-4452-B7E0-981A763CD426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "635F3CB1-B042-43CC-91AB-746098018D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F32DDF-17A3-45B5-9227-833EBEBD3923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDFB7E9-8510-430F-BFBC-FD811D60DC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5336A-14AA-483E-9CBE-A7B53120B925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3AADA875-E0EA-483A-A07E-2914FE969972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF4B938-BB14-4C06-BEE9-10CA755C5DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "981C922C-7A7D-473E-8C43-03AB62FB5B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0CD11A-09C2-4C60-8F0C-68E55BD6EE63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name."
},
{
"lang": "es",
"value": "El serializador de sesi\u00f3n por defecto en PHP v5.2 hasta v5.2.13 y v5.3 hasta v5.3.2 no maneja adecuadamente PS_UNDEF_MARKER marker, lo que permite dependiendo del contexto a atacantes modificar variables de sesi\u00f3n de su elecci\u00f3n a trav\u00e9s de un nombre de variable de sesi\u00f3n manipulado."
}
],
"id": "CVE-2010-3065",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-20T20:00:03.373",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/31/mops-2010-060-php-session-serializer-session-data-injection-vulnerability/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/42410"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2010/dsa-2089"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0919.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/3081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://php-security.org/2010/05/31/mops-2010-060-php-session-serializer-session-data-injection-vulnerability/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42410"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0919.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/3081"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-24 21:59
Modified
2025-04-20 01:37
Severity ?
Summary
Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C73E784C-E707-4C48-B286-A4958D402DD7",
"versionEndIncluding": "5.6.29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A59822F-11EA-4F4D-9721-6D3DD9842FC8",
"versionEndExcluding": "7.0.15",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:7.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CED53910-5DFB-44F6-B2A9-38518B245EEB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n phar_parse_pharfile en ext/phar/phar.c en PHP en versiones anteriores a 5.6.30 y 7.0.x en versiones anteriores a 7.0.15 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria o ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de una entrada de manifiesto truncado en un archivo PHAR."
}
],
"id": "CVE-2016-10159",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-24T21:59:00.180",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3783"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95774"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037659"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugs.php.net/bug.php?id=73764"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/commit/ca46d0acbce55019b970fcd4c1e8a10edfdded93"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201702-29"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180112-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2017-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://php.net/ChangeLog-7.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3783"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugs.php.net/bug.php?id=73764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/php/php-src/commit/ca46d0acbce55019b970fcd4c1e8a10edfdded93"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201702-29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180112-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2017-04"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-16 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | 5.5.0 | |
| php | php | 5.5.1 | |
| php | php | 5.5.2 | |
| php | php | 5.5.3 | |
| php | php | 5.5.4 | |
| php | php | 5.5.5 | |
| php | php | 5.5.6 | |
| php | php | 5.5.7 | |
| php | php | 5.5.8 | |
| php | php | 5.5.9 | |
| php | php | 5.5.10 | |
| php | php | 5.5.11 | |
| php | php | 5.5.12 | |
| php | php | 5.5.13 | |
| php | php | 5.5.14 | |
| php | php | 5.5.15 | |
| php | php | 5.5.16 | |
| php | php | 5.5.17 | |
| php | php | 5.5.18 | |
| php | php | 5.5.19 | |
| php | php | 5.5.20 | |
| php | php | 5.5.21 | |
| php | php | 5.5.22 | |
| php | php | 5.5.23 | |
| php | php | 5.5.24 | |
| php | php | 5.5.25 | |
| php | php | 5.5.26 | |
| php | php | 5.5.27 | |
| php | php | 5.5.28 | |
| php | php | 5.6.0 | |
| php | php | 5.6.1 | |
| php | php | 5.6.2 | |
| php | php | 5.6.3 | |
| php | php | 5.6.4 | |
| php | php | 5.6.5 | |
| php | php | 5.6.6 | |
| php | php | 5.6.7 | |
| php | php | 5.6.8 | |
| php | php | 5.6.9 | |
| php | php | 5.6.10 | |
| php | php | 5.6.11 | |
| php | php | 5.6.12 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2382042D-E28D-480C-9504-AC073E8A1C6C",
"versionEndIncluding": "5.4.44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6D9B19-E64D-4BED-9194-17460CE19E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F644EA6C-50C6-4A1C-A4AC-287AA9477B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD47F30-74F5-48E8-8657-C2373FE2BD22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0C09527B-6B47-41F8-BDE6-01C47E452286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E454D87-23CB-4D7F-90FE-942EE54D661F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1031E646-F2CF-4A3E-8E6A-5D4BC950BEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130E50C1-D209-4CFF-9399-69D561340FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F29948-9417-460B-8B04-D91AE4E8B423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D00C1-4F41-4400-9CE4-8E8BAA3E4142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "093D08B7-CC3C-4616-8697-F15B253A7D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CD8FEE-DE7B-47CB-9985-4092BFA071D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B2D9E-F289-43C9-BFBC-1CEF284A417E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FE41CFDF-8ECD-41C1-94A7-5AFD42C5DDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "6AEAC9BA-AF82-4345-839C-D339DCB962A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFE682F-52E3-48EC-A993-F522FC29712F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "840EE3AC-5293-4F33-9E2C-96A0A2534B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "1C0FC407-96DB-425E-BB57-7A5BA839C37F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "D3839C81-3DAB-4E1D-9D95-BEFFD491F43D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AC63A449-5D92-4F5F-8186-B58FFFBA54FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F18236F6-2065-4A6A-93E7-FD90E650C689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.20:*:*:*:*:*:*:*",
"matchCriteriaId": "DEFBA84A-A4E4-438B-B9B5-8549809DCECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "146D3DC9-50F4-430B-B321-68ECE78879A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1D5A7CA6-7653-46C5-8DF7-95584BF7A879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BA8300-2F4D-4C1E-8CCE-F45E8F3547A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "59A42F02-F363-4C13-BE83-19F757B84455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.25:*:*:*:*:*:*:*",
"matchCriteriaId": "423ECD5F-5611-4D9A-8BE8-E4DC1527AF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.26:*:*:*:*:*:*:*",
"matchCriteriaId": "44FE4648-22C5-44A6-A6DF-8B235EB7DEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.27:*:*:*:*:*:*:*",
"matchCriteriaId": "23006CC4-85FB-48AF-8F3A-97BC3FD7FAF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.5.28:*:*:*:*:*:*:*",
"matchCriteriaId": "D6393D02-3968-4B0F-A2DE-61442E95DB32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE65D0D4-CB56-4946-AB44-2EF554602A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F13E2D-A8F7-4B74-8D03-7905C81672C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE18933A-5FE6-41C7-B1B6-DA3E762C3FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9AE1289F-03A6-4621-B387-5F5ADAC4AE92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "383697F5-D29E-475A-84F3-46B54A928889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "786ED182-5D71-4197-9196-12AB5CF05F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF90980D-74AD-44AA-A7C5-A0B294CCE4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "48D6B69C-8F27-4F4C-B953-67A7F9C2FBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B53DC0C3-EA19-4465-B65A-BC7CDB10D8BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA4DFC1-6C0C-42FB-9F47-E3E1AA9E47E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D904E21A-4B3B-4D96-850C-0C0315F14E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C7CEF6D7-8966-45E7-BEBB-12055F5898C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:php:php:5.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "171C1035-414C-4F3A-90F4-1A8ED26E3346",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de uso despu\u00e9s de liberaci\u00f3n de memoria en PHP en versiones anteriores a 5.4.45, 5.5.x en versiones anteriores a 5.5.29 y 5.6.x en versiones anteriores a 5.6.13 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores relacionados con (1) la interfaz Serializable, (2) la clase SplObjectStorage y (3) la clase SplDoublyLinkedList, que no es correctamente manejado durante la deserializaci\u00f3n."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/502.html\"\u003eCWE-502: Deserialization of Untrusted Data\u003c/a\u003e",
"id": "CVE-2015-6834",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-16T10:59:18.427",
"references": [
{
"source": "security@opentext.com",
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "security@opentext.com",
"url": "http://www.debian.org/security/2015/dsa-3358"
},
{
"source": "security@opentext.com",
"url": "http://www.securityfocus.com/bid/76649"
},
{
"source": "security@opentext.com",
"url": "http://www.securitytracker.com/id/1033548"
},
{
"source": "security@opentext.com",
"url": "https://bugs.php.net/bug.php?id=70172"
},
{
"source": "security@opentext.com",
"url": "https://bugs.php.net/bug.php?id=70365"
},
{
"source": "security@opentext.com",
"url": "https://bugs.php.net/bug.php?id=70366"
},
{
"source": "security@opentext.com",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://php.net/ChangeLog-5.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/76649"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.php.net/bug.php?id=70172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.php.net/bug.php?id=70365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.php.net/bug.php?id=70366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201606-10"
}
],
"sourceIdentifier": "security@opentext.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-31 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attackers to cause a denial of service (memory corruption or application crash) or possibly have unspecified other impact via unknown vectors. NOTE: this is disputed by the vendor because the standard erealloc behavior makes the free operation unreachable
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A68BE296-46AA-42D2-B71F-F41F0AD0B039",
"versionEndIncluding": "5.6.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attackers to cause a denial of service (memory corruption or application crash) or possibly have unspecified other impact via unknown vectors. NOTE: this is disputed by the vendor because the standard erealloc behavior makes the free operation unreachable"
},
{
"lang": "es",
"value": "** DISPUTADA ** La funci\u00f3n apprentice_load en libmagic/apprentice.c en el componente Fileinfo en PHP hasta 5.6.4 intenta realizar una operaci\u00f3n libre sobre un array de caracteres basado en pila, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria o ca\u00edda de la aplicaci\u00f3n) o posiblemente tener otro impacto no especificado a trav\u00e9s de vectores desconocidos. NOTA: esto lo disputa el proveedor porque el comportamiento erealloc est\u00e1ndar hace que la operaci\u00f3n libre sea inalcanzable."
}
],
"id": "CVE-2014-9426",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2014-12-31T02:59:01.217",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=a72cd07f2983dc43a6bb35209dc4687852e53c09"
},
{
"source": "cve@mitre.org",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ef89ab2f99fbd9b7b714556d4f1f50644eb54191"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=68665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=a72cd07f2983dc43a6bb35209dc4687852e53c09"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=ef89ab2f99fbd9b7b714556d4f1f50644eb54191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugs.php.net/bug.php?id=68665"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-17"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-10 22:19
Modified
2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or blog pingback.
References