Vulnerabilities > PHP > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-11-09 | CVE-2010-3436 | Permissions, Privileges, and Access Controls vulnerability in multiple products fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename. | 5.0 |
2010-10-25 | CVE-2010-3710 | Resource Management Errors vulnerability in PHP Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string. | 4.3 |
2010-09-28 | CVE-2010-2950 | USE of Externally-Controlled Format String vulnerability in PHP Format string vulnerability in stream.c in the phar extension in PHP 5.3.x through 5.3.3 allows context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the phar_stream_flush function, leading to errors in the php_stream_wrapper_log_error function. | 6.8 |
2010-08-20 | CVE-2010-2484 | Information Exposure vulnerability in PHP The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler. | 5.0 |
2010-08-20 | CVE-2010-3065 | Permissions, Privileges, and Access Controls vulnerability in PHP The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name. | 5.0 |
2010-08-20 | CVE-2010-3064 | Buffer Errors vulnerability in PHP 5.3.0/5.3.1/5.3.2 Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) username or (2) database name argument to the (a) mysql_connect or (b) mysqli_connect function. | 6.8 |
2010-08-20 | CVE-2010-3063 | Buffer Errors vulnerability in PHP 5.3.0/5.3.1/5.3.2 The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used. | 5.0 |
2010-08-20 | CVE-2010-3062 | Information Exposure vulnerability in PHP 5.3.0/5.3.1/5.3.2 mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function; or (2) trigger a heap-based buffer overflow via a modified length value, which is not properly handled by the php_mysqlnd_rset_header_read function. | 5.0 |
2010-06-08 | CVE-2010-2191 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in PHP The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler. | 6.4 |
2010-06-08 | CVE-2010-2190 | Information Exposure vulnerability in PHP The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature. | 5.0 |