CVSS: 6.8EPSS: 1%CPEs: 7EXPL: 7CVE-2010-3870 – PHP 5.3.2 - 'xml_utf8_decode()' UTF-8 Input Validation
https://notcve.org/view.php?id=CVE-2010-3870
12 Nov 2010 — The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string. La función utf8_decode en PHP anterior v5.3.4 no maneja adecuadamente la codificación UTF-8 corta y las secuencias malformadas en los datos UTF-8, lo que hace fácil para los atacantes remotos superar los mecanismos de protec... • https://www.exploit-db.com/exploits/34950 • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 1%CPEs: 5EXPL: 4CVE-2010-4156 – PHP 5.3.x - 'mb_strcut()' Information Disclosure
https://notcve.org/view.php?id=CVE-2010-4156
10 Nov 2010 — The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter). La función mb_strcut en Libmbfl v1.1.0, como el usado en PHP v5.3.x hasta v5.3.3, permite a atacantes dependientes del contexto obtener información potencialmente sensible a través de un valor largo del tercer parámetro (también conocido como parametro length. • https://www.exploit-db.com/exploits/34979 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 2CVE-2010-3709 – PHP 5.3.3/5.2.14 - ZipArchive::getArchiveComment Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2010-3709
08 Nov 2010 — The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive. La función ZipArchive::getArchiveCommen en PHP v5.2.x hasta v5.2.14 y v5.3.3 hasta v5.3.x permite a atacantes dependientes de contexto para provocar una denegación de servicio (desreferencia a puntero NULL y caída de la aplicación) a través de un archivo ZIP manipulado. • https://www.exploit-db.com/exploits/15431 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 9.1EPSS: 2%CPEs: 7EXPL: 0CVE-2010-3436
https://notcve.org/view.php?id=CVE-2010-3436
08 Nov 2010 — fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename. fopen_wrappers.c en PHP v5.3.x hasta v5.3.3 podría permitir a atacantes remotos evitar las restricciones open_basedir a través de vectores relativos a la longitud del nombre de usuario. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 7%CPEs: 19EXPL: 1CVE-2010-3710 – php: DoS in filter_var() via long email string
https://notcve.org/view.php?id=CVE-2010-3710
25 Oct 2010 — Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string. Vulnerabilidad de consumo de pila en la función filter_var en PHP v5.2.x hasta v5.2.14 y v5.3.x hasta v5.3.3, cuando está activado el modo FILTER_VALIDATE_EMAIL, permite a atacantes remotos provocar una denegación de servicio (co... • http://bugs.php.net/bug.php?id=52929 • CWE-399: Resource Management Errors •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 1CVE-2010-2950 – php: Format string flaw in phar extension via phar_stream_flush() (MOPS-2010-024)
https://notcve.org/view.php?id=CVE-2010-2950
28 Sep 2010 — Format string vulnerability in stream.c in the phar extension in PHP 5.3.x through 5.3.3 allows context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the phar_stream_flush function, leading to errors in the php_stream_wrapper_log_error function. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2094. Vulnerabilidad de formato de cadena en stream.c en la extensión phar... • http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html • CWE-134: Use of Externally-Controlled Format String •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2010-2531 – php: information leak vulnerability in var_export()
https://notcve.org/view.php?id=CVE-2010-2531
20 Aug 2010 — The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if display_errors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution time, or recursion. La función var_export en PHP v5.2 anterior a v5.2.14 y v5.3 anterior a v5.3.3 vacía el búfer de salida para el usuario cuando se producen ciertos errores graves, incluso cuando display_errors ... • http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2010-3062
https://notcve.org/view.php?id=CVE-2010-3062
20 Aug 2010 — mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function; or (2) trigger a heap-based buffer overflow via a modified length value, which is not properly handled by the php_mysqlnd_rset_header_read function. mysqlnd_wireprotocol.c en la extensión Mysqlnd en PHP v5.3 hasta v5.3.2 permite a atacantes remotos (1)leer memoria sensible a através de un ... • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-3063
https://notcve.org/view.php?id=CVE-2010-3063
20 Aug 2010 — The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used. La función php_mysqlnd_read_error_from_line en la extensión Mysqlnd en PHP v5.3 hasta v5.3.2 no calcula adecuadamente la longitud del búfer, lo que permite a atacantes dependiendo del contexto desencadenar un desbordamiento ... • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2010-3064
https://notcve.org/view.php?id=CVE-2010-3064
20 Aug 2010 — Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) username or (2) database name argument to the (a) mysql_connect or (b) mysqli_connect function. Desbordamiento de búfer basado en pila en la función php_mysqlnd_auth_write en la extensión Mysqlnd en PHP v5.3 hasta v5.3.2 permite dependiendo del contexto a atacantes provoc... • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •