CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 0CVE-2014-2020 – Ubuntu Security Notice USN-2126-1
https://notcve.org/view.php?id=CVE-2014-2020
18 Feb 2014 — ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote attackers to obtain sensitive information by using a (1) string or (2) array data type in place of a numeric data type, as demonstrated by an imagecrop function call with a string for the x dimension value, a different vulnerability than CVE-2013-7226. ext/gd/gd.c en PHP 5.5.x anterior a 5.5.9 no comprueba tipos de datos, lo que podría permitir a atacantes remotos obtener información sensible mediante el uso de (1) una... • http://www.ubuntu.com/usn/USN-2126-1 • CWE-189: Numeric Errors •
CVSS: 9.1EPSS: 0%CPEs: 21EXPL: 0CVE-2013-7328 – Ubuntu Security Notice USN-2126-1
https://notcve.org/view.php?id=CVE-2013-7328
18 Feb 2014 — Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226. Múltiples errores de signo de enteros en la función gdImageCrop en ext/gd/gd.c en PHP 5.5.x anterior a 5.5.9 permiten a atacantes remotos causar una denegación de servicio... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=8f4a5373bb71590352fd934028d6dde5bc18530b • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 3%CPEs: 9EXPL: 0CVE-2014-1943 – file: unrestricted recursion in handling of indirect type rules
https://notcve.org/view.php?id=CVE-2014-1943
18 Feb 2014 — Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file. Fine Free File anterior a 5.17 permite a atacantes dependientes de contexto causar una denegación de servicio (recursión infinita, consumo de CPU y caída) a través de un valor manipulado de desplazamiento indirecto en el "magic" de un archivo. A denial of service flaw was found in the way the File Information (... • http://lists.opensuse.org/opensuse-updates/2014-03/msg00034.html • CWE-755: Improper Handling of Exceptional Conditions CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.1EPSS: 0%CPEs: 112EXPL: 0CVE-2012-1171
https://notcve.org/view.php?id=CVE-2012-1171
15 Feb 2014 — The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the open_basedir protection mechanism and read arbitrary files via vectors involving a stream_close method call during use of a custom stream wrapper. La función libxml RSHUTDOWN en PHP 5.x permite a atacantes remotos evadir el mecanismo de protección de open_basedir y leer archivos arbitrarios a través de vectores que incolucran la llamada del método stream_close durante el uso de un "wrapper" de transmisión personalizado. • https://bugs.php.net/bug.php?id=61367 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 4%CPEs: 20EXPL: 0CVE-2013-7226 – Ubuntu Security Notice USN-2126-1
https://notcve.org/view.php?id=CVE-2013-7226
13 Feb 2014 — Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a heap-based buffer overflow. Desbordamiento de enteros en la función gdImageCrop en ext/gd/gd.c en PHP 5.5.x anterior a 5.5.9 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente tener otro ... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=8f4a5373bb71590352fd934028d6dde5bc18530b • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 95%CPEs: 81EXPL: 3CVE-2013-6420 – PHP - 'openssl_x509_parse()' Memory Corruption
https://notcve.org/view.php?id=CVE-2013-6420
11 Dec 2013 — The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function. La función asn1_time_to_time_t en ext / openssl / openssl.c en PHP anterior a 5.3.28, 5.4.x aterior a 5... • https://packetstorm.news/files/id/124436 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 6%CPEs: 15EXPL: 0CVE-2013-6712 – php: heap-based buffer over-read in DateInterval
https://notcve.org/view.php?id=CVE-2013-6712
28 Nov 2013 — The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification. La función de análisis en ext/date/lib/parse_iso_intervals.c de PHP hasta la versión 5.5.6 no restringe adecuadamente la creación de objetos DateInterval, lo que podría permitir a atacantes remotos provocar una denegación de servicio (desbord... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=12fe4e90be7bfa2a763197079f68f5568a14e071 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 6.1EPSS: 1%CPEs: 4EXPL: 2CVE-2007-1287 – PHP 4.4.3 < 4.4.6 - 'PHPinfo()' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-1287
06 Mar 2007 — A regression error in the phpinfo function in PHP 4.4.3 to 4.4.6, and PHP 6.0 in CVS, allows remote attackers to conduct cross-site scripting (XSS) attacks via GET, POST, or COOKIE array values, which are not escaped in the phpinfo output, as originally fixed for CVE-2005-3388. Un error de regresión en la función phpinfo de PHP 4.4.3 a 4.4.6, y PHP 6.0 en CVS, permite a atacantes remotos llevar a cabo ataques de secuencias de comandos en sitios cruzados (XSS) mediante valores en los vectores GET, POST, o CO... • https://www.exploit-db.com/exploits/3405 •
CVSS: 9.3EPSS: 2%CPEs: 85EXPL: 0CVE-2006-3017
https://notcve.org/view.php?id=CVE-2006-3017
14 Jun 2006 — zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations. • ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U •