CVE-2008-7068
https://notcve.org/view.php?id=CVE-2008-7068
The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have permissions to truncate the file. La función dba_replace en PHP v5.2.6 y 4.x permite a atacantes dependientes de contexto producir una denegación de servicio (corte de fichero) a través de una clave con un byte NULL. NOTA: Esto solo se produce en unas circunstancias muy concretas en la cual el atacante puede modificar o añadir las entradas de la base de datos pero no tiene permisos para cortar el fichero. • http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1313&r2=1.2027.2.547.2.1314& http://securityreason.com/achievement_securityalert/58 http://www.osvdb.org/52206 http://www.securityfocus.com/archive/1/498746/100/0/threaded http://www.securityfocus.com/archive/1/498981/100/0/threaded http://www.securityfocus.com/archive/1/498982/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/47316 • CWE-20: Improper Input Validation •
CVE-2009-2687 – php: exif_read_data crash on corrupted JPEG files
https://notcve.org/view.php?id=CVE-2009-2687
The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353. La función exif_read_data en el módulo Exif en PHP anteriores v5.2.10 permite a atacantes remotos causar una denegación de servicio (caída) a través de una imagen JPEG mal formada con campos inválidos en offset, siendo un asunto diferente a CVE-2005-3353. • http://bugs.php.net/bug.php?id=48378 http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html http://marc.info/?l=bugtraq&m=127680701405735&w=2 http://osvdb.org/55222 http://secunia.com/advisories/35441 http://secunia.com/advisories/36462 http://secunia.com/advisories/37482 http://secunia.com/advisories/40262 http://www.debian.org/security/2009/dsa-1940 http://www.mandriva.com/security/advisories?name=MDVSA-2009:145 http://www.mandriva.com/security • CWE-20: Improper Input Validation •
CVE-2009-1272
https://notcve.org/view.php?id=CVE-2009-1272
The php_zip_make_relative_path function in php_zip.c in PHP 5.2.x before 5.2.9 allows context-dependent attackers to cause a denial of service (crash) via a ZIP file that contains filenames with relative paths, which is not properly handled during extraction. La función php_zip_make_relative_path en php_zip.c en PHP v5.2.x anteriores a v5.2.9 permite a atacantes, dependiendo del contexto, provocar una denegación de servicio (caída) a través de una fichero ZIP que contiene nombres de ficheros con las rutas relativas, lo que no está bien manejado durante la extracción. • http://cvs.php.net/viewvc.cgi/php-src/ext/zip/php_zip.c?r1=1.1.2.48&r2=1.1.2.49 http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://marc.info/?l=bugtraq&m=125017764422557&w=2 http://secunia.com/advisories/35685 http://secunia.com/advisories/36701 http://support.apple.com/kb/HT3865 http://www.openwall.com/lists/oss-security/2009/04/01/9 http://www& • CWE-20: Improper Input Validation •
CVE-2009-1271 – php: crash on malformed input in json_decode()
https://notcve.org/view.php?id=CVE-2009-1271
The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function. La función JSON_parser (ext/json/JSON_parser.c) en PHP v5.2.x anteriores a v5.2.9 permite a atacantes remotos provocar una denegación de servicio (falta de segmentación) a través de una cadena formada de forma incorrecta a la función API json_decode. • http://cvs.php.net/viewvc.cgi/php-src/ext/json/JSON_parser.c?r1=1.1.2.14&r2=1.1.2.15 http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/34770 http://secunia.com/advisories/34830 http://secunia.com/advisories/34933 http://secunia.com/advisories/35003 http://secunia.com/advisories/35007 http://secunia.com/advisories/35306 http://secunia.com •
CVE-2008-5814 – php: XSS via PHP error messages
https://notcve.org/view.php?id=CVE-2008-5814
Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208. Vulnerabilidad de Secuencias de Comandos en Sitios Cruzados (XSS) en PHP, posiblemente v5.2.7 y anteriores, cuando display_error está activada, permite a atacantes remotos inyectar secuencias de comandos Web o HTML a través de vectores no especificados. NOTA: debido a la falta de detalles, no está claro si esto está relacionado con CVE-2006-0208. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444 http://jvn.jp/en/jp/JVN50327700/index.html http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000084.html http://marc.info/?l=bugtraq&m=124277349419254&w=2 http://secunia.com/advisories/34830 http://secunia.com/advisories/34933 http://secunia.com/advisories/35003 http://secunia.com/advisories/35007 http://secunia.com/advisories/35108 http://www.debian.org/security/2009/dsa-1789 http://www • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •