CVSS: 9.8EPSS: 15%CPEs: 1EXPL: 1CVE-2012-0831 – php: PG(magic_quote_gpc) was not restored on shutdown
https://notcve.org/view.php?id=CVE-2012-0831
10 Feb 2012 — PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c. PHP anterior a v5.3.10 no realizan de forma adecuada un cambio temporal a la directiva magic_quotes_gpc durante la importación de variables de entorno, lo que simplifica a atacantes remo... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 2%CPEs: 47EXPL: 0CVE-2012-0057 – php: XSLT file writing vulnerability
https://notcve.org/view.php?id=CVE-2012-0057
02 Feb 2012 — PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension. PHP en versiones anteriores a la 5.3.9 tiene configuraciones de seguridad libxslt inapropiadas, lo que permite a atacantes remotos crear ficheros arbitrarios a través de hojas de estilo XSLT que utilizan una extensión libxslt. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 89%CPEs: 45EXPL: 6CVE-2011-4885 – PHP 5.3.8 - Hashtables Denial of Service
https://notcve.org/view.php?id=CVE-2011-4885
30 Dec 2011 — PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. PHP anterior a v5.3.9 calcula los valores hash de los parámetros de forma, sin restringir la capacidad de desencadenar colisiones hash predecible, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) mediante el envío de gran cantidad... • https://packetstorm.news/files/id/180523 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 4%CPEs: 105EXPL: 0CVE-2011-3267
https://notcve.org/view.php?id=CVE-2011-3267
25 Aug 2011 — PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors. PHP antes de v5.3.7 no aplica correctamente la función error_log, lo que permite a atacantes dependientes del contexto provocar una denegación de servicio (caída de aplicación) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 19%CPEs: 105EXPL: 0CVE-2011-3268
https://notcve.org/view.php?id=CVE-2011-3268
25 Aug 2011 — Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483. Desbordamiento de búfer en la función de cifrado en PHP antes de v5.3.7, permite a atacantes dependientes de contexto tener un impacto no especificado a través de un argumento "long salt", una vulnerabilidad diferente a CVE-2011-2483. • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 6%CPEs: 6EXPL: 0CVE-2011-2483 – crypt_blowfish: 8-bit character mishandling allows different password pairs to produce the same hash
https://notcve.org/view.php?id=CVE-2011-2483
25 Aug 2011 — crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash. crypt_blowfish en versiones anteriores a 1.1, como se utiliza en PHP en versiones anteriores a 5.3.7 en ciertas plataformas, PostgreSQL en versiones anteriores a 8.4.9 y otros productos, no maneja adecuadamente cara... • http://freshmeat.net/projects/crypt_blowfish • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 1%CPEs: 105EXPL: 5CVE-2011-3182 – PHP < 5.3.7 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-3182
25 Aug 2011 — PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) e... • https://www.exploit-db.com/exploits/36070 •
CVSS: 7.5EPSS: 9%CPEs: 72EXPL: 2CVE-2011-2202 – PHP 5.3.6 - Security Bypass
https://notcve.org/view.php?id=CVE-2011-2202
16 Jun 2011 — The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability." La función rfc1867_post_handler en main/rfc1867.c en PHP anterior a v5.3.7 no restringe correctamente los nombres de archivo en solicitudes POST multipart/form-d... • https://www.exploit-db.com/exploits/35855 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 11%CPEs: 110EXPL: 4CVE-2011-1468 – PHP < 5.3.6 'OpenSSL' Extension - 'openssl_decrypt' Ciphertext Data Memory Leak Denial of Service
https://notcve.org/view.php?id=CVE-2011-1468
20 Mar 2011 — Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function. Múltiples fugas de memoria en la extensión OpenSSL de PHP anteriores a v5.3.6 podría permitir a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de (1) datos en texto plano sobre la función openssl_encrypt o (2) Los dato... • https://www.exploit-db.com/exploits/35487 • CWE-399: Resource Management Errors CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 8%CPEs: 2EXPL: 2CVE-2011-1471 – PHP < 5.3.6 'Zip' Extension - 'zip_fread()' Denial of Service
https://notcve.org/view.php?id=CVE-2011-1471
20 Mar 2011 — Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive file that triggers errors in zip_fread function calls. Error de entero sin signo en zip_stream.c en la extensión Zip en PHP anteriores a v5.3.6 permite a atacantes dependientes de contexto para provocar una denegación de servicio (consumo de CPU) a través de un archivo con formato incorrecto que provoca un error en la llam... • https://www.exploit-db.com/exploits/35485 • CWE-189: Numeric Errors •