CVSS: 7.5EPSS: 2%CPEs: 14EXPL: 1CVE-2007-1824
https://notcve.org/view.php?id=CVE-2007-1824
02 Apr 2007 — Buffer overflow in the php_stream_filter_create function in PHP 5 before 5.2.1 allows remote attackers to cause a denial of service (application crash) via a php://filter/ URL that has a name ending in the '.' character. Desbordamiento de búfer en la función php_stream_filter_create de PHP 5 anterior a 5.2.1 permite a atacantes remotos provocar una denegación de servicio (cierre de aplicación) mediante un URL php://filter/ que tiene un nombre terminado con el carácter '.'. • http://secunia.com/advisories/25056 •
CVSS: 5.0EPSS: 12%CPEs: 75EXPL: 3CVE-2007-1717 – PHP 5.2.1 - Folded Mail Headers Email Header Injection
https://notcve.org/view.php?id=CVE-2007-1717
28 Mar 2007 — The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ ('\0') byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases when the trailing contents of e-mail messages are important, such as logging information or if the message is expected to be well-formed. La función mail en PHP 4.0.0 hasta 4.4.6 y 5.0.0 hasta 5.2.1 trunca los me... • https://www.exploit-db.com/exploits/29784 •
CVSS: 9.1EPSS: 16%CPEs: 75EXPL: 3CVE-2007-1718 – PHP 5.2.1 - Folded Mail Headers Email Header Injection
https://notcve.org/view.php?id=CVE-2007-1718
28 Mar 2007 — CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a "\r\n\t\n" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro. Vulnerabilidad de inyección de retorno de carro y salto de línea (CRLF) en PHP 4.0.0 hasta 4.4.6... • https://www.exploit-db.com/exploits/29784 •
CVSS: 9.8EPSS: 5%CPEs: 72EXPL: 2CVE-2007-1700 – PHP < 4.4.5/5.2.1 - '_SESSION unset()' Local Overflow
https://notcve.org/view.php?id=CVE-2007-1700
27 Mar 2007 — The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the session_register after unsetting HTTP_SESSION_VARS and _SESSION, which destroys the session data Hashtable. La extensión session de PHP 4 anterior a 4.4.5, y PHP 5 anterior a 5.2.1, calcula la cuenta de referencia para las v... • https://www.exploit-db.com/exploits/3571 •
CVSS: 9.8EPSS: 9%CPEs: 2EXPL: 1CVE-2007-1701 – PHP < 4.4.5/5.2.1 - '_SESSION' Deserialization Overwrite
https://notcve.org/view.php?id=CVE-2007-1701
27 Mar 2007 — PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when register_globals is enabled, allows context-dependent attackers to execute arbitrary code via deserialization of session data, which overwrites arbitrary global variables, as demonstrated by calling session_decode on a string beginning with "_SESSION|s:39:". PHP 4 anterior a 4.4.5, y PHP 5 anterior a 5.2.1, cuando register_globals está activado, permiten a atacantes locales o remotos dependiendo del contexto ejecutar código de su elección mediante una deseria... • https://www.exploit-db.com/exploits/3572 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2007-1709 – PHP 5.2.1 with PECL PHPDOC - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-1709
27 Mar 2007 — Buffer overflow in the confirm_phpdoc_compiled function in the phpDOC extension (PECL phpDOC) in PHP 5.2.1 allows context-dependent attackers to execute arbitrary code via a long argument string. Desbordamiento de búfer en la función confirm_phpdoc_compiled de la extensión phpDOC (PECL phpDOC) de PHP 5.2.1 permite a atacantes locales o remotos dependiendo del contexto ejecutar código de su elección mediante una cadena larga como argumento. • https://www.exploit-db.com/exploits/3576 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2007-1710
https://notcve.org/view.php?id=CVE-2007-1710
27 Mar 2007 — The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence. La función readfile de PHP 4.4.4, 5.1.6, Y 5.2.1 permite a usuarios locales o remotos dependiendo del contexto evitar las restricciones del modo seguro (safe_mode) y leer archivos de su elección haciendo referencia a... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 •
CVSS: 7.8EPSS: 6%CPEs: 1EXPL: 2CVE-2007-1649 – PHP 5.2.1 - 'Unserialize()' Local Information Leak
https://notcve.org/view.php?id=CVE-2007-1649
24 Mar 2007 — PHP 5.2.1 allows context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with S:, which does not properly track the number of input bytes being processed. PHP 5.2.1 permite a atacantes depedientes del contexto leer porciones de la cabecera de memoria a través de la ejecución de ciertos scripts con datos de entrada serializados que comienzan con S:, lo cual no sigue adecuadamente el número de entradas de bytes que han sido procesa... • https://www.exploit-db.com/exploits/3559 •
CVSS: 9.8EPSS: 7%CPEs: 33EXPL: 4CVE-2007-1581 – PHP 5.2.1 - 'hash_update_file()' Freed Resource Usage
https://notcve.org/view.php?id=CVE-2007-1581
21 Mar 2007 — The resource system in PHP 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting the hash_update_file function via a userspace (1) error or (2) stream handler, which can then be used to destroy and modify internal resources. NOTE: it was later reported that PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 are also affected. El sistema de recursos de PHP versión 5.0.0 hasta 5.2.1 permite a los atacantes dependiendo del contexto ejecutar código arbitrario mediante la int... • https://www.exploit-db.com/exploits/3529 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 2%CPEs: 75EXPL: 1CVE-2007-1582 – PHP 4.4.6/5.2.1 - ext/gd Already Freed Resources Usage
https://notcve.org/view.php?id=CVE-2007-1582
21 Mar 2007 — The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD (ext/gd) extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify internal resources. El sistema de recursos en PHP 4.0.0 hasta 4.4.6 y 5.0.0 hasta 5.2.1 permite a atacante dependientes del contexto ejecutar código de su elección mediante interrupciones en ciertas funciones de l... • https://www.exploit-db.com/exploits/3525 •