CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5900
https://notcve.org/view.php?id=CVE-2007-5900
20 Nov 2007 — PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than CVE-2006-4625. PHP anterior a 5.2.5 permite a usuarios locales evitar mecanismos de protección configurados a través de php_admin_value o php_admin_flag en httpd.conf con la utilización de ini_set para modificar variables de configuración de su elección, un asunto diferente que CVE-2006-4625... • http://bugs.php.net/bug.php?id=41561 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-5898 – php htmlentities/htmlspecialchars multibyte sequences
https://notcve.org/view.php?id=CVE-2007-5898
20 Nov 2007 — The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465. Las funciones (1) htmlentities y (2) htmlspecialchars en PHP anterior a 5.2.5 acepta secuencias multibyte parciales, lo cual tiene un impacto desconocido y vectores de ataque, un asunto diferente que CVE-2006-5465. • http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2007-5653 – PHP 5.x COM - Safe Mode / disable_functions Bypass
https://notcve.org/view.php?id=CVE-2007-5653
23 Oct 2007 — The Component Object Model (COM) functions in PHP 5.x on Windows do not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by executing objects with the kill bit set in the corresponding ActiveX control Compatibility Flags, executing programs via a function in compatUI.dll, invoking wscript.shell via wscript.exe, invoking Scripting.FileSystemObject via wshom.ocx, and adding users via a function in shgina.dll, related ... • https://www.exploit-db.com/exploits/4553 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1CVE-2007-5447 – PHP 5.2.4 ionCube - 'ioncube_read_file' Safe Mode / disable_functions Bypass
https://notcve.org/view.php?id=CVE-2007-5447
14 Oct 2007 — ioncube_loader_win_5.2.dll in the ionCube Loader 6.5 extension for PHP 5.2.4 does not follow safe_mode and disable_functions restrictions, which allows context-dependent attackers to bypass intended limitations, as demonstrated by reading arbitrary files via the ioncube_read_file function. ioncube_loader_win_5.2.dll en la extensión ionCube Loader 6.5 para PHP 5.2.4 no sigue las restricciones safe_mode y disable_functions, lo cual permite a atacantes locales o remotos (dependiendo del contexto) evitar las li... • https://www.exploit-db.com/exploits/4517 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 1%CPEs: 2EXPL: 0CVE-2007-4889
https://notcve.org/view.php?id=CVE-2007-4889
14 Sep 2007 — The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997. La extensión MySQL de PHP 5.2.4 y versiones anteriores permite a atacantes remotos evitar las restricciones safe_mode y open_basedir mediante las funciones MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, y (3) INTO OUTFILE, asunto diferente de CVE-2007-3997. • http://securityreason.com/securityalert/3134 •
CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 0CVE-2007-4887
https://notcve.org/view.php?id=CVE-2007-4887
14 Sep 2007 — The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerability. La función dl en PHP 5.2.4 y versiones anteriores permite a atacantes locales o remotos dependientes del contexto provocar una denegación de servicio (caída de aplicación) mediante una cadena larga en el parámetro library. NOTA. Existen escenarios de uso limit... • http://docs.info.apple.com/article.html?artnum=307562 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0CVE-2007-4840
https://notcve.org/view.php?id=CVE-2007-4840
12 Sep 2007 — PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the out_charset parameter to the iconv function; or a long string in the charset parameter to the (2) iconv_mime_decode_headers, (3) iconv_mime_decode, or (4) iconv_strlen function. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution. PHP 5.2.4 y anteriores permite a usu... • http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-4825
https://notcve.org/view.php?id=CVE-2007-4825
12 Sep 2007 — Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass open_basedir restrictions and possibly execute arbitrary code via a .. (dot dot) in the dl function. Vulnerabilidad de salto de directorio en PHP 5.2.4 y anteriores permite a los atacantes evitar restricciones open_basedir y posiblemente ejecutar código de su elección mediante un .. (punto punto) en la función dl. • http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2007-4784
https://notcve.org/view.php?id=CVE-2007-4784
10 Sep 2007 — The setlocale function in PHP before 5.2.4 allows context-dependent attackers to cause a denial of service (application crash) via a long string in the locale parameter. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless this issue can be demonstrated for code execution. La función setlocale en PHP anterior 5.2.4 permite a atacantes dependientes del contexto provocar denegación de servicio (caida de aplicación) a través de una cadena larga en el par... • http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 1CVE-2007-4782 – php crash in glob() and fnmatch() functions
https://notcve.org/view.php?id=CVE-2007-4782
10 Sep 2007 — PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined characteristics, as demonstrated by a "*[1]e" value. NOTE: this might not be a vulnerability in most web server environments that support multiple threads, unless these issues can be demonstrated for code execution. ... • http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •