Vulnerabilities > PHP > PHP > 1.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-05-09 | CVE-2007-1864 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors. | 7.5 |
2007-04-30 | CVE-2007-2369 | Directory Traversal vulnerability in PHP Directory traversal vulnerability in picture.php in WebSPELL 4.01.02 and earlier, when PHP before 4.3.0 is used, allows remote attackers to read arbitrary files via a .. | 5.0 |
2007-03-20 | CVE-2007-1521 | Unspecified vulnerability in PHP Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation. network php | 6.8 |
2007-03-16 | CVE-2007-1484 | Unspecified vulnerability in PHP The array_user_key_compare function in PHP 4.4.6 and earlier, and 5.x up to 5.2.1, makes erroneous calls to zval_dtor, which triggers memory corruption and allows local users to bypass safe_mode and execute arbitrary code via a certain unset operation after array_user_key_compare has been called. | 4.6 |
2007-03-16 | CVE-2007-1475 | Remote Buffer Overflow vulnerability in PHP Interbase Extension Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4.4.6 and earlier allow context-dependent attackers to execute arbitrary code via a long argument. | 5.4 |
2007-03-14 | CVE-2007-1461 | Permissions, Privileges, and Access Controls vulnerability in PHP The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before 5.2.2, does not implement safemode or open_basedir checks, which allows remote attackers to read bzip2 archives located outside of the intended directories. | 7.8 |
2007-03-14 | CVE-2007-1460 | Permissions, Privileges, and Access Controls vulnerability in PHP The zip:// URL wrapper provided by the PECL zip extension in PHP before 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir checks, which allows remote attackers to read ZIP archives located outside of the intended directories. | 5.0 |
2007-03-12 | CVE-2007-1413 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in PHP Buffer overflow in the snmpget function in the snmp extension in PHP 5.2.3 and earlier, including PHP 4.4.6 and probably other PHP 4 versions, allows context-dependent attackers to execute arbitrary code via a long value in the third argument (object id). | 7.5 |
2007-03-10 | CVE-2007-1411 | Local Buffer Overflow vulnerability in PHP MSSQL_Connect Buffer overflow in PHP 4.4.6 and earlier, and unspecified PHP 5 versions, allows local and possibly remote attackers to execute arbitrary code via long server name arguments to the (1) mssql_connect and (2) mssql_pconnect functions. network php | 6.8 |
2007-03-10 | CVE-2007-1375 | Integer Overflow vulnerability in PHP 5 Substr_Compare Integer overflow in the substr_compare function in PHP 5.2.1 and earlier allows context-dependent attackers to read sensitive memory via a large value in the length argument, a different vulnerability than CVE-2006-1991. | 5.0 |