Vulnerabilities > Zend > Zend Platform
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-03-09 | CVE-2007-1370 | Unspecified vulnerability in Zend Platform 2.2.1A Zend Platform 2.2.3 and earlier has incorrect ownership for scd.sh and certain other files, which allows local users to gain root privileges by modifying the files. | 6.2 |
| 2007-03-09 | CVE-2007-1369 | Unspecified vulnerability in Zend Platform ini_modifier (sgid-zendtech) in Zend Platform 2.2.3 and earlier allows local users to modify the system php.ini file by editing a copy of php.ini file using the -f parameter, and then performing a symlink attack using the directory that contains the attacker-controlled php.ini file, and linking this directory to /usr/local/Zend/etc. local zend | 4.4 |
| 2006-08-29 | CVE-2006-4432 | Directory Traversal vulnerability in Zend Platform Directory traversal vulnerability in Zend Platform 2.2.1 and earlier allows remote attackers to overwrite arbitrary files via a .. | 7.5 |
| 2006-08-29 | CVE-2006-4431 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Zend Platform Multiple buffer overflows in the (a) Session Clustering Daemon and the (b) mod_cluster module in the Zend Platform 2.2.1 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a (1) empty or (2) crafted PHP session identifier (PHPSESSID). | 7.5 |