Vulnerabilities > PHP > PHP > 5.2.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-05-07 | CVE-2008-2108 | Insufficient Entropy vulnerability in multiple products The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against protection mechanisms that use the rand and mt_rand functions. | 9.8 |
2008-05-07 | CVE-2008-2107 | Numeric Errors vulnerability in PHP The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent attackers to predict subsequent values of the rand and mt_rand functions and possibly bypass protection mechanisms that rely on an unknown initial seed. | 7.5 |
2008-05-05 | CVE-2008-2051 | Multiple vulnerability in PHP 5.2.5 and Prior Versions The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars." | 10.0 |
2008-05-05 | CVE-2008-0599 | Incorrect Calculation of Buffer Size vulnerability in multiple products The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI. | 9.8 |
2008-03-27 | CVE-2008-1384 | Numeric Errors vulnerability in PHP Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions). | 5.0 |
2008-01-25 | CVE-2007-4850 | Permissions, Privileges, and Access Controls vulnerability in PHP 5.2.4/5.2.5 curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safe_mode and open_basedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vulnerability than CVE-2006-2563. | 5.0 |
2007-11-20 | CVE-2007-6039 | Improper Input Validation vulnerability in PHP PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in (1) the domain parameter to the dgettext function, the message parameter to the (2) dcgettext or (3) gettext function, the msgid1 parameter to the (4) dngettext or (5) ngettext function, or (6) the classname parameter to the stream_wrapper_register function. | 2.1 |
2007-11-20 | CVE-2007-5899 | Information Exposure vulnerability in PHP The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a local session ID. | 4.3 |
2007-11-20 | CVE-2007-5900 | Permissions, Privileges, and Access Controls vulnerability in PHP PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than CVE-2006-4625. | 6.9 |
2007-11-20 | CVE-2007-5898 | Unspecified vulnerability in PHP The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465. | 6.4 |