CVSS: 9.1EPSS: 1%CPEs: 64EXPL: 0CVE-2008-4107 – WordPress Core < 2.6.2 - Cryptographic Weakness
https://notcve.org/view.php?id=CVE-2008-4107
08 Sep 2008 — The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in Joomla! 1.5.x and WordPress before 2.6.2, a different vulnerability than CVE-2008-2107, CVE-2008-2108, and CVE-2008-4102. Las funciones (1) rand y (2) mt_rand en PHP 5.2.6 no producen criptográficamente fuertes números aleator... • http://marc.info/?l=oss-security&m=122152830017099&w=2 • CWE-189: Numeric Errors CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.8EPSS: 14%CPEs: 16EXPL: 1CVE-2008-3658 – php: buffer overflow in the imageloadfont function in gd extension
https://notcve.org/view.php?id=CVE-2008-3658
15 Aug 2008 — Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. Un desbordamiento de búfer en la función imageloadfont en el archivo ext/gd/gd.c en PHP versiones 4.4.x anteriores a 4.4.9 y PHP versiones 5.2 anteriores a 5.2.6-r6, permite a los atacantes dependiendo del contexto causar una denegación de servicio (bloqueo) y pos... • http://bugs.gentoo.org/show_bug.cgi?id=234102 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 16%CPEs: 16EXPL: 0CVE-2008-3659
https://notcve.org/view.php?id=CVE-2008-3659
15 Aug 2008 — Buffer overflow in the memnstr function in PHP 4.4.x before 4.4.9 and PHP 5.6 through 5.2.6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via the delimiter argument to the explode function. NOTE: the scope of this issue is limited since most applications would not use an attacker-controlled delimiter, but local attacks against safe_mode are feasible. Un desbordamiento de búfer en la función memnstr en versiones de PHP 4.4.x anteriores a 4.4.9 y e... • http://bugs.gentoo.org/show_bug.cgi?id=234102 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 5%CPEs: 16EXPL: 0CVE-2008-3660 – php: FastCGI module DoS via multiple dots preceding the extension
https://notcve.org/view.php?id=CVE-2008-3660
15 Aug 2008 — PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php. PHP 4.4.x en versiones anteriores a PHP 4.4.9 y 5.2.6 a través de 5.6, cuando se utiliza como un módulo FastCGI, permite a atacantes remotos provocar una denegación de servicio (con caida de la aplicación) a través de una solicitud con varios puntos precediendo a la extensión, como ... • http://bugs.gentoo.org/show_bug.cgi?id=234102 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 4%CPEs: 11EXPL: 1CVE-2008-2371
https://notcve.org/view.php?id=CVE-2008-2371
07 Jul 2008 — Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches. Desbordamiento de búfer basado en montículo en pcre_compile.c en la biblioteca Perl-Compatible Regular Expression (PCRE) 7.7, permite a atacantes dependientes del contexto provocar una denegación de servicio (caída)... • http://bugs.gentoo.org/show_bug.cgi?id=228091 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 13%CPEs: 7EXPL: 0CVE-2008-2829
https://notcve.org/view.php?id=CVE-2008-2829
23 Jun 2008 — php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c legacy routine buffer overflow" error message, related to the rfc822_write_address function. El archivo php_imap.c en PHP versiones 5.2.5, 5.2.6, 4.x y otras versiones, utiliza llamadas API obsoletas que permiten a los atacantes dependiendo del contexto causar una d... • http://bugs.php.net/bug.php?id=42862 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 23EXPL: 1CVE-2008-2666 – PHP 5.2.6 - 'chdir()' Function http URL Argument Safe_mode Restriction Bypass
https://notcve.org/view.php?id=CVE-2008-2666
20 Jun 2008 — Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependent attackers to bypass safe_mode restrictions by creating a subdirectory named http: and then placing ../ (dot dot slash) sequences in an http URL argument to the (1) chdir or (2) ftok function. Múltiples vulnerabilidades de Salto de Directorio en PHP 5.2.6 permiten a los atacantes según contexto saltarse las restricciones safe_mode creando un subdirectorio denominado http: y colocando después secuencias ../ (punto pu... • https://www.exploit-db.com/exploits/31937 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.1EPSS: 1%CPEs: 25EXPL: 2CVE-2008-2107 – PHP 32 bit weak random seed
https://notcve.org/view.php?id=CVE-2008-2107
07 May 2008 — The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent attackers to predict subsequent values of the rand and mt_rand functions and possibly bypass protection mechanisms that rely on an unknown initial seed. La macro GENERATE_SEED de PHP 4.x versiones anteriores a la 4.4.8 y 5.x versiones anteriores a la 5.2.5, cuando se ejecuta en sistemas ... • http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0103.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 2CVE-2008-2108 – PHP weak 64 bit random seed
https://notcve.org/view.php?id=CVE-2008-2108
07 May 2008 — The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against protection mechanisms that use the rand and mt_rand functions. La macro GENERATE_SEED de PHP 4.x versiones anteriores a la 4.4.8 y 5.x versiones anteriores a la 5.2.5, cuando se ejecuta en sistemas de 64 bits, realiza un... • http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0103.html • CWE-331: Insufficient Entropy •
CVSS: 10.0EPSS: 70%CPEs: 9EXPL: 1CVE-2008-0599 – php: buffer overflow in a CGI path translation
https://notcve.org/view.php?id=CVE-2008-0599
05 May 2008 — The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI. La función init_request_info en sapi/cgi/cgi_main.c en PHP en versiones anteriores a 5.2.6 no considera correctamente la precedencia del operador cuando calcula la longitud de PATH_TRANSLATED, lo que podrían permitir a atacantes remotos ejecutar código arbitrario... • http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.50.2.12&r2=1.267.2.15.2.50.2.13&diff_format=u • CWE-131: Incorrect Calculation of Buffer Size •