CVSS: 7.5EPSS: 1%CPEs: 28EXPL: 0CVE-2011-4078
https://notcve.org/view.php?id=CVE-2011-4078
03 Nov 2011 — include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service (resource consumption and inbox outage), via a Subject header containing only a URL, a related issue to CVE-2011-3379. inclinclude/iniset.php en Roundcube Webmail v0.5.4 y anteriores, cuando PHP v5.3.7 o v5.3.8 se utiliza, permite a atacantes remotos provocar una solicitud GET para una dirección arbitraria, y provocar... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 105EXPL: 0CVE-2011-3267
https://notcve.org/view.php?id=CVE-2011-3267
25 Aug 2011 — PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors. PHP antes de v5.3.7 no aplica correctamente la función error_log, lo que permite a atacantes dependientes del contexto provocar una denegación de servicio (caída de aplicación) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 1%CPEs: 105EXPL: 0CVE-2011-3268
https://notcve.org/view.php?id=CVE-2011-3268
25 Aug 2011 — Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483. Desbordamiento de búfer en la función de cifrado en PHP antes de v5.3.7, permite a atacantes dependientes de contexto tener un impacto no especificado a través de un argumento "long salt", una vulnerabilidad diferente a CVE-2011-2483. • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0CVE-2011-2483 – crypt_blowfish: 8-bit character mishandling allows different password pairs to produce the same hash
https://notcve.org/view.php?id=CVE-2011-2483
25 Aug 2011 — crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash. crypt_blowfish en versiones anteriores a 1.1, como se utiliza en PHP en versiones anteriores a 5.3.7 en ciertas plataformas, PostgreSQL en versiones anteriores a 8.4.9 y otros productos, no maneja adecuadamente cara... • http://freshmeat.net/projects/crypt_blowfish • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2011-3189
https://notcve.org/view.php?id=CVE-2011-3189
25 Aug 2011 — The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483. La función de cifrado en PHP v5.3.7, cuando el tipo de hash MD5 se utiliza, se devuelve el valor del argumento en vez de la cadena hash, lo que podría permitir a atacantes remotos evitar la autenticación a través de una contraseña arbitraria, un... • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 1%CPEs: 105EXPL: 5CVE-2011-3182 – PHP < 5.3.7 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-3182
25 Aug 2011 — PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) e... • https://www.exploit-db.com/exploits/36070 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 2CVE-2011-1657
https://notcve.org/view.php?id=CVE-2011-1657
25 Aug 2011 — The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent attackers to cause a denial of service (application crash) via certain flags arguments, as demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND. Las funciones (1) ZipArchive::addGlob y (2) ZipArchive::addPattern en ext/zip/php_zip.c en PHP v5.3.6 permite a atacantes dependientes del contexto provocar una denegación de servicio (caída de la aplicación) a través de ciertos argument... • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 8%CPEs: 72EXPL: 2CVE-2011-2202 – PHP 5.3.6 - Security Bypass
https://notcve.org/view.php?id=CVE-2011-2202
16 Jun 2011 — The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability." La función rfc1867_post_handler en main/rfc1867.c en PHP anterior a v5.3.7 no restringe correctamente los nombres de archivo en solicitudes POST multipart/form-d... • https://www.exploit-db.com/exploits/35855 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 3CVE-2011-1938 – PHP 5.3.5 - 'socket_connect()' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2011-1938
31 May 2011 — Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket. Desbordamiento de búfer basado en pila en la función socket_connect en ext/sockets/sockets.c en PHP v5.3.3 a v5.3.6 podría permitir a atacantes dependientes de contexto ejecutar código de su elección a través de una ruta larga para un socket UNIX. • https://www.exploit-db.com/exploits/17318 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2011-0441
https://notcve.org/view.php?id=CVE-2011-0441
29 Mar 2011 — The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. La tarea de cron /etc/cron.d/php5 de Debian GNU/Linux para PHP 5.3.5 permite a usuarios locales eliminar ficheros de su elección a través de un ataque symlink en un directorio bajo /var/lib/php5/. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=618489 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •