Vulnerabilities > PHP > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0525 | Unspecified vulnerability in PHP The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek. | 5.0 |
| 2005-05-02 | CVE-2005-0524 | Unspecified vulnerability in PHP The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value. | 5.0 |
| 2005-04-14 | CVE-2005-1043 | exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. | 5.0 |
| 2005-01-10 | CVE-2004-1020 | Remote vulnerability in PHP The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow remote attackers to read arbitrary files in PHP applications that contain a directory traversal vulnerability in require or include statements, but are otherwise protected by the magic_quotes_gpc mechanism. | 5.0 |
| 2004-12-31 | CVE-2004-1392 | Unspecified vulnerability in PHP PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function. | 5.0 |
| 2004-11-03 | CVE-2004-0958 | Unspecified vulnerability in PHP php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length. | 5.0 |
| 2004-07-27 | CVE-2004-0595 | The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities. | 6.8 |
| 2003-12-31 | CVE-2003-1303 | Denial-Of-Service vulnerability in PHP 4.3.0/4.3.1/4.3.2 Buffer overflow in the imap_fetch_overview function in the IMAP functionality (php_imap.c) in PHP before 4.3.3 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long e-mail address in a (1) To or (2) From header. | 5.0 |
| 2003-12-31 | CVE-2003-1302 | Denial-Of-Service vulnerability in PHP The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via an e-mail message with a (1) To or (2) From header with an address that contains a large number of "\" (backslash) characters. | 5.0 |
| 2003-07-24 | CVE-2003-0442 | Cross-Site Scripting vulnerability in PHP Transparent Session ID Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter. | 4.3 |