CVSS: 7.8EPSS: 1%CPEs: 76EXPL: 0CVE-2007-1461
https://notcve.org/view.php?id=CVE-2007-1461
14 Mar 2007 — The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before 5.2.2, does not implement safemode or open_basedir checks, which allows remote attackers to read bzip2 archives located outside of the intended directories. La URL encapsulada compress.bzip2:// proporcionada por la extensión bz2 en PHP versiones anteriores a 4.4.7, y versiones 5.x anteriores a 5.2.2, no implementa comprobaciones de safemode o open_basedir, lo que permite a atacantes remotos leer archivos bzip... • http://docs.info.apple.com/article.html?artnum=306172 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0CVE-2007-1454
https://notcve.org/view.php?id=CVE-2007-1454
14 Mar 2007 — ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a '<' character followed by certain whitespace characters, which passes one filter but is collapsed into a valid tag, as demonstrated using %0b. ext/filter del PHP 5.2.0, cuando el FILTER_SANITIZE_STRING es utilizado con el flag FILTER_FLAG_STRIP_LOW, no deshace convenientemente las etiqu... • http://secunia.com/advisories/25056 •
CVSS: 9.1EPSS: 1%CPEs: 17EXPL: 1CVE-2007-1452 – PHP 5.2.0 - EXT/Filter FDF Post Filter Bypass
https://notcve.org/view.php?id=CVE-2007-1452
14 Mar 2007 — The FDF support (ext/fdf) in PHP 5.2.0 and earlier does not implement the input filtering hooks for ext/filter, which allows remote attackers to bypass web site filters via an application/vnd.fdf formatted POST. El soporte FDF (ext/fdf) del PHP 5.2.0 y versiones anteriores no implementa enlaces para el filtrado de la entrada para el ext/filter, lo que permite a atacantes remotos evitar los filtros del sitio web mediante un POST application/vnd.fdf formateado. • https://www.exploit-db.com/exploits/3452 •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 2CVE-2007-1453 – PHP 5.2 - EXT/Filter Function Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-1453
14 Mar 2007 — Buffer underflow in the PHP_FILTER_TRIM_DEFAULT macro in the filtering extension (ext/filter) in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filter_var with certain modes such as FILTER_VALIDATE_INT, which causes filter to write a null byte in whitespace that precedes the buffer. Desbordamiento de búfer en la macro HP_FILTER_TRIM_DEFAULT en el filtro de extensiones (ext/filter) del PHP 5.2.0 permite a atacantes dependientes del contexto ejecutar código de su elección ll... • https://www.exploit-db.com/exploits/29732 •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 4CVE-2007-1413 – PHP 4.4.6 - 'snmpget()' Object id Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-1413
12 Mar 2007 — Buffer overflow in the snmpget function in the snmp extension in PHP 5.2.3 and earlier, including PHP 4.4.6 and probably other PHP 4 versions, allows context-dependent attackers to execute arbitrary code via a long value in the third argument (object id). Un desbordamiento de búfer en la función snmpget en la extensión snmp en PHP versión 5.2.3 y anteriores, incluyendo a PHP versión 4.4.6 y probablemente otras versiones 4 de PHP, permite a atacantes dependiendo del contexto ejecutar código arbitrario por me... • https://www.exploit-db.com/exploits/3439 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.1EPSS: 6%CPEs: 42EXPL: 0CVE-2007-1396
https://notcve.org/view.php?id=CVE-2007-1396
10 Mar 2007 — The import_request_variables function in PHP 4.0.7 through 4.4.6, and 5.x before 5.2.2, when called without a prefix, does not prevent the (1) GET, (2) POST, (3) COOKIE, (4) FILES, (5) SERVER, (6) SESSION, and other superglobals from being overwritten, which allows remote attackers to spoof source IP address and Referer data, and have other unspecified impact. NOTE: it could be argued that this is a design limitation of PHP and that only the misuse of this feature, i.e. implementation bugs in applications, ... • http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html •
CVSS: 10.0EPSS: 86%CPEs: 3EXPL: 2CVE-2007-1399 – PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - 'zip://' URL Wrapper Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-1399
10 Mar 2007 — Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or blog pingback. Desbordamiento de búfer basado en pila en el envoltorio (wrapper) de URL zip:// en PECL ZIP 1.8.3 y anteriores, como ha sido incluido en PHP 5.2.0 y 5.2.1, permite a atacantes remotos ejecutar código d... • https://www.exploit-db.com/exploits/3440 •
CVSS: 9.1EPSS: 4%CPEs: 1EXPL: 2CVE-2007-1375 – PHP 5.2.1 - 'substr_compare()' Information Leak
https://notcve.org/view.php?id=CVE-2007-1375
10 Mar 2007 — Integer overflow in the substr_compare function in PHP 5.2.1 and earlier allows context-dependent attackers to read sensitive memory via a large value in the length argument, a different vulnerability than CVE-2006-1991. Desbordamiento de enteros en la función substr_compare en PHP 5.2.1 y anteriores permite a atacantes dependientes del contexto leer memoria sensible a través de un valor en el argumento length, un vulnerabilidad diferente que CVE-2006-1991. • https://www.exploit-db.com/exploits/3424 •
CVSS: 9.8EPSS: 5%CPEs: 73EXPL: 4CVE-2007-1376 – PHP < 4.4.5/5.2.1 - 'shmop' SSL RSA Private-Key Disclosure
https://notcve.org/view.php?id=CVE-2007-1376
10 Mar 2007 — The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent attackers to read and write arbitrary memory locations via arguments associated with an inappropriate resource, as demonstrated by a GD Image resource. Las funciones shomp en PHP anterior a 4.4.5, y anterior a 5.2.1 en las series 5.x, no verifica que sus argumentos corresponden a un recurso shmop, lo caul permite a atacantes dependient... • https://www.exploit-db.com/exploits/3427 •
CVSS: 7.5EPSS: 1%CPEs: 72EXPL: 2CVE-2007-1380 – PHP < 4.4.5/5.2.1 - PHP_binary Session Deserialization Information Leak
https://notcve.org/view.php?id=CVE-2007-1380
10 Mar 2007 — The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buffer over-read. El manejador de serialización php_binary en la extensión de sesión de PHP anterior a 4.4.5, y 5.x anterior a 5.2.1, permite a atacantes dependientes del contexto obtener información sensible (contenidos de memoria) a través de e... • https://www.exploit-db.com/exploits/3413 •