CVSS: 9.8EPSS: 48%CPEs: 10EXPL: 1CVE-2011-4566 – php: integer overflow in exif_process_IFD_TAG() may lead to DoS or arbitrary memory disclosure
https://notcve.org/view.php?id=CVE-2011-4566
29 Nov 2011 — Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708. Un desbordamiento de entero en la función exif_process_IFD_TAG en el fichero exif.c de la extensión exif de PHP v5.4.0 beta2 en las plataformas de 32 bits permite a atacante... • http://lists.apple.com/archives/security-announce/2012/May/msg00001.html • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 1%CPEs: 105EXPL: 0CVE-2011-3267
https://notcve.org/view.php?id=CVE-2011-3267
25 Aug 2011 — PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors. PHP antes de v5.3.7 no aplica correctamente la función error_log, lo que permite a atacantes dependientes del contexto provocar una denegación de servicio (caída de aplicación) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 1%CPEs: 105EXPL: 0CVE-2011-3268
https://notcve.org/view.php?id=CVE-2011-3268
25 Aug 2011 — Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483. Desbordamiento de búfer en la función de cifrado en PHP antes de v5.3.7, permite a atacantes dependientes de contexto tener un impacto no especificado a través de un argumento "long salt", una vulnerabilidad diferente a CVE-2011-2483. • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0CVE-2011-2483 – crypt_blowfish: 8-bit character mishandling allows different password pairs to produce the same hash
https://notcve.org/view.php?id=CVE-2011-2483
25 Aug 2011 — crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash. crypt_blowfish en versiones anteriores a 1.1, como se utiliza en PHP en versiones anteriores a 5.3.7 en ciertas plataformas, PostgreSQL en versiones anteriores a 8.4.9 y otros productos, no maneja adecuadamente cara... • http://freshmeat.net/projects/crypt_blowfish • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 1%CPEs: 105EXPL: 5CVE-2011-3182 – PHP < 5.3.7 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-3182
25 Aug 2011 — PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) e... • https://www.exploit-db.com/exploits/36070 •
CVSS: 7.5EPSS: 8%CPEs: 72EXPL: 2CVE-2011-2202 – PHP 5.3.6 - Security Bypass
https://notcve.org/view.php?id=CVE-2011-2202
16 Jun 2011 — The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability." La función rfc1867_post_handler en main/rfc1867.c en PHP anterior a v5.3.7 no restringe correctamente los nombres de archivo en solicitudes POST multipart/form-d... • https://www.exploit-db.com/exploits/35855 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 3CVE-2011-1938 – PHP 5.3.5 - 'socket_connect()' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2011-1938
31 May 2011 — Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket. Desbordamiento de búfer basado en pila en la función socket_connect en ext/sockets/sockets.c en PHP v5.3.3 a v5.3.6 podría permitir a atacantes dependientes de contexto ejecutar código de su elección a través de una ruta larga para un socket UNIX. • https://www.exploit-db.com/exploits/17318 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 2%CPEs: 110EXPL: 1CVE-2011-1464
https://notcve.org/view.php?id=CVE-2011-1464
20 Mar 2011 — Buffer overflow in the strval function in PHP before 5.3.6, when the precision configuration option has a large value, might allow context-dependent attackers to cause a denial of service (application crash) via a small numerical value in the argument. Desbordamiento de búfer en la función strval en PHP anterior a v5.3.6, cuando la opción de configuración de precisión tiene un valor grande, podría permitir a atacantes dependiendo del contexto provocar una denegación de servicio (caída de la aplicación) a tr... • http://bugs.php.net/bug.php?id=54055 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 2%CPEs: 110EXPL: 1CVE-2011-1466 – php: Crash by converting serial day numbers (SDN) into Julian calendar
https://notcve.org/view.php?id=CVE-2011-1466
20 Mar 2011 — Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function. Desbordamiento de enteros en la función SdnToJulian en la extensión CAlendar en PHP anterior a v5.3.6 permite a atacantes dependientes de contexto provocar una denegación de servicio (caída de la aplicación) a través de un entero largo en el primer argumento a la fu... • http://bugs.php.net/bug.php?id=53574 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 14%CPEs: 110EXPL: 4CVE-2011-0708 – PHP 'Exif' Extension - 'exif_read_data()' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2011-0708
20 Mar 2011 — exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read. exif.c en la extensión Exif en PHP anterior a v5.3.6 en plataformas de 64 bits realiza una asociación incorrecta, lo que permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de una imagen con una Image ... • https://www.exploit-db.com/exploits/16261 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •