CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2012-6113
https://notcve.org/view.php?id=CVE-2012-6113
19 Jan 2013 — The openssl_encrypt function in ext/openssl/openssl.c in PHP 5.3.9 through 5.3.13 does not initialize a certain variable, which allows remote attackers to obtain sensitive information from process memory by providing zero bytes of input data. La función openssl_encrypt en ext/openssl/openssl.c en PHP v5.3.9 hasta v5.3.13 no inicia una cierta variable, que permite ataques para obtener información de procesos en memoria proporcionando cero bytes de entrada. • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=270a406ac94b5fc5cc9ef59fc61e3b4b95648a3e • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 2CVE-2012-5381 – IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) - Missing DLL
https://notcve.org/view.php?id=CVE-2012-5381
11 Oct 2012 — Untrusted search path vulnerability in the installation functionality in PHP 5.3.17, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\PHP directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview.... • https://www.exploit-db.com/exploits/28130 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 1CVE-2012-4388
https://notcve.org/view.php?id=CVE-2012-4388
07 Sep 2012 — The sapi_header_op function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1398. La func... • http://article.gmane.org/gmane.comp.php.devel/70584 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 11EXPL: 1CVE-2011-1398 – PHP 5.3.11/5.4.0RC2 - 'header()' HTTP Header Injection
https://notcve.org/view.php?id=CVE-2011-1398
30 Aug 2012 — The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome. La función sapi_header_op en el archivo main/SAPI.c en PHP anterior a versión 5.3.11 y versiones 5.4.x ant... • https://www.exploit-db.com/exploits/37688 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 6%CPEs: 18EXPL: 1CVE-2012-3450 – PHP 5.4.3 - PDO Memory Access Violation Denial of Service
https://notcve.org/view.php?id=CVE-2012-3450
06 Aug 2012 — pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not properly determine the end of the query string during parsing of prepared statements, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted parameter value. pdo_sql_parser.re en la extensión PDO en PHP anteriores a v5.3.14 y v5.4.x anterior a v5.4.4 no determina de forma adecuada el final de la cadena en la petición durante un análisis sintáctico de estruc... • https://www.exploit-db.com/exploits/37566 •
CVSS: 7.3EPSS: 0%CPEs: 117EXPL: 0CVE-2012-3365
https://notcve.org/view.php?id=CVE-2012-3365
20 Jul 2012 — The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. La funcionalidad de SQLite en PHP antes de v5.3.15 permite a atacantes remotos eludir el mecanismo de protección open_basedir a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00021.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 16%CPEs: 122EXPL: 1CVE-2012-2688 – php: Integer Signedness issues in _php_stream_scandir
https://notcve.org/view.php?id=CVE-2012-2688
20 Jul 2012 — Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow." Vulnerabilidad no especificada,relacionado con un "desbordamiento", en la función _php_stream_scandir en la implementación de los flujos (streams) en PHP antes de v5.3.15 y v5.4.x antes de v5.4.5 tiene un impacto desconocido y vectores de ataque a remotos. PHP is an HTML-embedded scripting language commo... • https://github.com/shelld3v/CVE-2012-2688 •
CVSS: 9.8EPSS: 15%CPEs: 2EXPL: 2CVE-2012-2386 – PHP 'phar' Extension 1.1.1 - Heap Overflow
https://notcve.org/view.php?id=CVE-2012-2386
07 Jul 2012 — Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow. Desbordamiento de entero en la función phar_parse_tarfile en tar.c en la extensión en PHP v5.4.x anterior a v5.3.14 y v5.4.4 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o... • https://www.exploit-db.com/exploits/17201 • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 0%CPEs: 66EXPL: 0CVE-2012-2143 – crypt(): DES encrypted password weakness
https://notcve.org/view.php?id=CVE-2012-2143
05 Jul 2012 — The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password. La función crypt_des (también conocido como crypt basado en DES), en FreeBSD v9.0-RELEASE-p2, tal y ... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=aab49e934de1fff046e659cbec46e3d053b41c34 • CWE-310: Cryptographic Issues •
CVSS: 9.1EPSS: 2%CPEs: 49EXPL: 5CVE-2012-1172 – php: $_FILES array indexes corruption
https://notcve.org/view.php?id=CVE-2012-1172
24 May 2012 — The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote attackers to cause a denial of service (malformed $_FILES indexes) or conduct directory traversal attacks during multi-file uploads by leveraging a script that lacks its own filename restrictions. La aplicación de carga de archivos en rfc1867.c en PHP anterior a v5.4.0 no maneja correctamente caracteres válidos [(corchete abierto... • http://isisblogs.poly.edu/2011/08/11/php-not-properly-checking-params • CWE-20: Improper Input Validation •