Vulnerabilities > PHP > PHP > 5.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-06-20 | CVE-2008-2666 | Path Traversal vulnerability in PHP Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependent attackers to bypass safe_mode restrictions by creating a subdirectory named http: and then placing ../ (dot dot slash) sequences in an http URL argument to the (1) chdir or (2) ftok function. | 5.0 |
2007-05-24 | CVE-2007-2844 | Authentication Bypass vulnerability in PHP Crypt Function PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access. | 9.3 |
2007-05-09 | CVE-2007-2511 | Unspecified vulnerability in PHP Buffer overflow in the user_filter_factory_create function in PHP before 5.2.2 has unknown impact and local attack vectors. | 7.2 |
2007-05-09 | CVE-2007-2510 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in PHP Buffer overflow in the make_http_soap_request function in PHP before 5.2.2 has unknown impact and remote attack vectors, possibly related to "/" (slash) characters. | 5.1 |
2007-05-09 | CVE-2007-2509 | Improper Input Validation vulnerability in PHP CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands. | 2.6 |
2007-04-06 | CVE-2007-1890 | Integer Overflow vulnerability in PHP Msg_Receive() Memory Allocation Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1, on FreeBSD and possibly other platforms, allows context-dependent attackers to execute arbitrary code via certain maxsize values, as demonstrated by 0xffffffff. | 7.5 |
2007-04-06 | CVE-2007-1888 | Unspecified vulnerability in PHP Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. | 7.5 |
2007-04-06 | CVE-2007-1885 | Integer Overflow vulnerability in PHP Str_Replace() Integer overflow in the str_replace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length counter. | 7.5 |
2007-04-06 | CVE-2007-1884 | Format String vulnerability in PHP Printf() Function 64bit Casting Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function because of 64 to 32 bit truncation, and bypass a check for the maximum allowable value; and (2) a width and precision of -1, which make it possible for the php_sprintf_appendstring function to place an internal buffer at an arbitrary memory location. | 6.8 |
2007-04-06 | CVE-2007-1883 | Denial-Of-Service vulnerability in PHP PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain convert_to_* functions with its input parameters. | 7.8 |