CVSS: 9.8EPSS: 4%CPEs: 11EXPL: 1CVE-2008-2371
https://notcve.org/view.php?id=CVE-2008-2371
07 Jul 2008 — Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches. Desbordamiento de búfer basado en montículo en pcre_compile.c en la biblioteca Perl-Compatible Regular Expression (PCRE) 7.7, permite a atacantes dependientes del contexto provocar una denegación de servicio (caída)... • http://bugs.gentoo.org/show_bug.cgi?id=228091 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 13%CPEs: 7EXPL: 0CVE-2008-2829
https://notcve.org/view.php?id=CVE-2008-2829
23 Jun 2008 — php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c legacy routine buffer overflow" error message, related to the rfc822_write_address function. El archivo php_imap.c en PHP versiones 5.2.5, 5.2.6, 4.x y otras versiones, utiliza llamadas API obsoletas que permiten a los atacantes dependiendo del contexto causar una d... • http://bugs.php.net/bug.php?id=42862 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 0%CPEs: 23EXPL: 1CVE-2008-2666 – PHP 5.2.6 - 'chdir()' Function http URL Argument Safe_mode Restriction Bypass
https://notcve.org/view.php?id=CVE-2008-2666
20 Jun 2008 — Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependent attackers to bypass safe_mode restrictions by creating a subdirectory named http: and then placing ../ (dot dot slash) sequences in an http URL argument to the (1) chdir or (2) ftok function. Múltiples vulnerabilidades de Salto de Directorio en PHP 5.2.6 permiten a los atacantes según contexto saltarse las restricciones safe_mode creando un subdirectorio denominado http: y colocando después secuencias ../ (punto pu... • https://www.exploit-db.com/exploits/31937 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1CVE-2008-2665
https://notcve.org/view.php?id=CVE-2008-2665
20 Jun 2008 — Directory traversal vulnerability in the posix_access function in PHP 5.2.6 and earlier allows remote attackers to bypass safe_mode restrictions via a .. (dot dot) in an http URL, which results in the URL being canonicalized to a local filename after the safe_mode check has successfully run. Vulnerabilidad de Salto de Directorio en la función posix_access de PHP 5.2.6 y versiones anteriores permite a atacantes remotos saltarse la restricciones safe_mode mediante un .. (punto punto) en una URL hhtp, lo que p... • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.1EPSS: 1%CPEs: 25EXPL: 2CVE-2008-2107 – PHP 32 bit weak random seed
https://notcve.org/view.php?id=CVE-2008-2107
07 May 2008 — The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent attackers to predict subsequent values of the rand and mt_rand functions and possibly bypass protection mechanisms that rely on an unknown initial seed. La macro GENERATE_SEED de PHP 4.x versiones anteriores a la 4.4.8 y 5.x versiones anteriores a la 5.2.5, cuando se ejecuta en sistemas ... • http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0103.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 2CVE-2008-2108 – PHP weak 64 bit random seed
https://notcve.org/view.php?id=CVE-2008-2108
07 May 2008 — The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against protection mechanisms that use the rand and mt_rand functions. La macro GENERATE_SEED de PHP 4.x versiones anteriores a la 4.4.8 y 5.x versiones anteriores a la 5.2.5, cuando se ejecuta en sistemas de 64 bits, realiza un... • http://archives.neohapsis.com/archives/fulldisclosure/2008-05/0103.html • CWE-331: Insufficient Entropy •
CVSS: 10.0EPSS: 70%CPEs: 9EXPL: 1CVE-2008-0599 – php: buffer overflow in a CGI path translation
https://notcve.org/view.php?id=CVE-2008-0599
05 May 2008 — The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI. La función init_request_info en sapi/cgi/cgi_main.c en PHP en versiones anteriores a 5.2.6 no considera correctamente la precedencia del operador cuando calcula la longitud de PATH_TRANSLATED, lo que podrían permitir a atacantes remotos ejecutar código arbitrario... • http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.50.2.12&r2=1.267.2.15.2.50.2.13&diff_format=u • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 10.0EPSS: 3%CPEs: 25EXPL: 1CVE-2008-2050
https://notcve.org/view.php?id=CVE-2008-2050
05 May 2008 — Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors. Desbordamiento de búfer basado en pila en el FastCGI SAPI (fastcgi.c) en PHP en versiones anteriores a 5.2.6 tiene impacto y vectores de ataque desconocidos. • http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/fastcgi.c?r1=1.44&r2=1.45&diff_format=u • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 25EXPL: 0CVE-2008-2051 – PHP multibyte shell escape flaw
https://notcve.org/view.php?id=CVE-2008-2051
05 May 2008 — The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars." La función escapeshellcmd API en PHP anterior a 5.2.6 tiene impacto desconocido y vectores de ataque dependientes del contexto relacionados con "caracteres multibyte incompletos". • http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1CVE-2008-1384
https://notcve.org/view.php?id=CVE-2008-1384
27 Mar 2008 — Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions). Desbordamiento de entero en PHP 5.2.5 y versiones anteriores permite a atacantes dependientes del contexto provocar una denegación de servicio y posiblemente... • http://cvs.php.net/viewvc.cgi/php-src/NEWS?revision=1.2027.2.547.2.1120&view=markup • CWE-189: Numeric Errors •