CVSS: 9.8EPSS: 0%CPEs: 16EXPL: 1CVE-2010-1868
https://notcve.org/view.php?id=CVE-2010-1868
07 May 2010 — The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by calling these functions with an empty SQL query, which triggers access of uninitialized memory. Las funciones (1) sqlite_single_query y (2) sqlite_array_query en ext/sqlite/sqlite.c en PHP v5.2 hasta v5.2.13 y 5.3 hasta v5.3.2 permiten a atacantes, dependiendo del contexto, ejecutar código de su elección mediant... • http://php-security.org/2010/05/07/mops-2010-012-php-sqlite_single_query-uninitialized-memory-usage-vulnerability/index.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.1EPSS: 0%CPEs: 16EXPL: 1CVE-2010-1860
https://notcve.org/view.php?id=CVE-2010-1860
07 May 2010 — The html_entity_decode function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal call, related to the call time pass by reference feature. La función html_entity_decode en PHP v5.2 hasta v5.2.13 y v5.3 hasta v5.3.2 permite a atacantes dependiendo del contexto obtener información sensible (contenido de memoria) o provocar una corrupción de memoria... • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 1CVE-2010-1862
https://notcve.org/view.php?id=CVE-2010-1862
07 May 2010 — The chunk_split function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature. La función chunk_split en PHP v5.2 hasta v5.2.13 y v5.3 hasta v5.3.2 permite a atacantes dependiendo del contexto obtener información sensible (contenido de memoria) provocando una interrupción del espacio de usuario de una función interna, ... • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 1CVE-2010-1864
https://notcve.org/view.php?id=CVE-2010-1864
07 May 2010 — The addcslashes function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature. La función addcslashes en PHP v5.2 hasta v5.2.13 y v5.3 hasta v5.3.2 permite a atacantes dependiendo del contexto obtener información sensible (contenido de memoria) provocando una interrupción de espacio de usuario en una función interna, r... • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 3%CPEs: 7EXPL: 2CVE-2010-1866 – PHP 5.3 - 'PHP_dechunk()' HTTP Chunked Encoding Integer Overflow
https://notcve.org/view.php?id=CVE-2010-1866
07 May 2010 — The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder. El filtro dechunk en PHP 5.3 hasta v.5.3.2, cuando se decodifica un cadena HTTP fragmentada, permite a atacantes depediendo del contexto provocar una denegación de servicio (caída) y posib... • https://www.exploit-db.com/exploits/33920 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.1EPSS: 0%CPEs: 16EXPL: 1CVE-2010-1861
https://notcve.org/view.php?id=CVE-2010-1861
07 May 2010 — The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to write to arbitrary memory addresses by using an object's __sleep function to interrupt an internal call to the shm_put_var function, which triggers access of a freed resource. La extensión sysvshm para PHP v5.2 hasta v5.2.13 y v5.3 hasta v5.3.2 permite a atacantes dependiendo del contexto escribir sobre direcciones de memoria de su elección utilizando un objeto función _sleep para interrumpir una lla... • http://php-security.org/2010/05/05/mops-2010-009-php-shm_put_var-already-freed-resource-access-vulnerability/index.html • CWE-399: Resource Management Errors •
CVSS: 9.1EPSS: 1%CPEs: 35EXPL: 2CVE-2010-1130 – PHP 5.3.1 - 'session_save_path() Safe_mode()' Restriction Bypass Exploiot
https://notcve.org/view.php?id=CVE-2010-1130
26 Mar 2010 — session.c in the session extension in PHP before 5.2.13, and 5.3.1, does not properly interpret ; (semicolon) characters in the argument to the session_save_path function, which allows context-dependent attackers to bypass open_basedir and safe_mode restrictions via an argument that contains multiple ; characters in conjunction with a .. (dot dot). session.c en la extesión session en PHP anteriores a v5.2.13, y v5.3.1, no interpreta de forma adecuada los carácteres ";" en el argumento sobre la función sessi... • https://www.exploit-db.com/exploits/33625 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.3EPSS: 3%CPEs: 1EXPL: 4CVE-2010-0397 – PHP 5.3.2 'xmlrpc' Extension - Multiple Remote Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-0397
16 Mar 2010 — The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument. La extensión xmlrpc en PHP v5.3.1 no maneja adecuadamente el elemento methodName perdido en el primer argumento de la función xmlrpc_decode, lo que permite a atacantes dependien... • https://www.exploit-db.com/exploits/33755 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 38EXPL: 0CVE-2009-4418
https://notcve.org/view.php?id=CVE-2009-4418
24 Dec 2009 — The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences. La función deserializada (unserialize) en PHP 5.3.0 y anteriores permite a atacantes dependientes del contexto causar una denegación de servicio (consumo de recursos) a través una variables anidadas profundamente, como queda demostrada con una cadena i... • http://www.suspekt.org/2009/11/28/shocking-news-in-php-exploitation • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 110EXPL: 4CVE-2009-2626 – PHP 5.2.10/5.3.0 - 'ini_restore()' Memory Information Disclosure
https://notcve.org/view.php?id=CVE-2009-2626
01 Dec 2009 — The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable. La función zend_restore_ini_entry_cb en zend_ini.c en PHP v5.3.0, v5.2.10, y anteriores permite a atacantes dependientes del contexto conseguir información sensible (contenidos de memoria) y produ... • https://www.exploit-db.com/exploits/10296 •