CVSS: 9.8EPSS: 6%CPEs: 11EXPL: 0CVE-2005-1042
https://notcve.org/view.php?id=CVE-2005-1042
12 Apr 2005 — Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count. • http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.33&r2=1.118.2.34&ty=u •
CVSS: 7.5EPSS: 1%CPEs: 71EXPL: 0CVE-2005-1043
https://notcve.org/view.php?id=CVE-2005-1043
12 Apr 2005 — exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. • http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29&r2=1.118.2.30&ty=u •
CVSS: 7.5EPSS: 4%CPEs: 4EXPL: 0CVE-2005-0524
https://notcve.org/view.php?id=CVE-2005-0524
03 Apr 2005 — The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value. • http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html •
CVSS: 6.5EPSS: 6%CPEs: 4EXPL: 1CVE-2005-0525
https://notcve.org/view.php?id=CVE-2005-0525
03 Apr 2005 — The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek. • http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0596
https://notcve.org/view.php?id=CVE-2005-0596
01 Mar 2005 — PHP 4 (PHP4) allows attackers to cause a denial of service (daemon crash) by using the readfile function on a file whose size is a multiple of the page size. • http://www.linuxcompatible.org/story42495.html •
CVSS: 7.5EPSS: 5%CPEs: 14EXPL: 3CVE-2004-1392 – PHP 4.x/5 - cURL 'open_basedir' Restriction Bypass
https://notcve.org/view.php?id=CVE-2004-1392
31 Dec 2004 — PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function. • https://www.exploit-db.com/exploits/24711 •
CVSS: 10.0EPSS: 7%CPEs: 65EXPL: 0CVE-2004-1019
https://notcve.org/view.php?id=CVE-2004-1019
22 Dec 2004 — The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results. El código de deserialización en PHP anteriores a 4.3.10 y PHP 5.x hasta 5.0.2 permite a atacantes remotos causar una denegación de servicio y ejecutar código de su elección mediante datos "no de confianza" ... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 8%CPEs: 65EXPL: 0CVE-2004-1065
https://notcve.org/view.php?id=CVE-2004-1065
22 Dec 2004 — Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file. Desbordamiento de búfer en la función exif_read_data de PHP anteriores a 4.3.10 y PHP 5.x hasta 5.0.2 permite a atacantes remotos ejecutar código arbitrario mediante un nombre de sección largo en un fichero de imagen. • http://msgs.securepoint.com/cgi-bin/get/bugtraq0412/157.html •
CVSS: 10.0EPSS: 24%CPEs: 2EXPL: 2CVE-2004-1018 – PHP 3/4/5 - Multiple Local/Remote Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-1018
08 Dec 2004 — Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a re... • https://www.exploit-db.com/exploits/24854 •
CVSS: 7.5EPSS: 8%CPEs: 10EXPL: 3CVE-2004-1020 – PHP 4/5 - 'addslashes()' Null Byte Bypass
https://notcve.org/view.php?id=CVE-2004-1020
08 Dec 2004 — The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow remote attackers to read arbitrary files in PHP applications that contain a directory traversal vulnerability in require or include statements, but are otherwise protected by the magic_quotes_gpc mechanism. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion. ** ... • https://www.exploit-db.com/exploits/24985 •