CVSS: 6.8EPSS: 35%CPEs: 17EXPL: 1CVE-2007-2872 – PHP 5.1.6 - 'Chunk_Split()' Integer Overflow
https://notcve.org/view.php?id=CVE-2007-2872
Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments. Los múltiples desbordamientos de enteros en la función chunk_split en PHP versión 5 anterior a 5.2.3 y PHP versión 4 anterior a 4.4.8, permiten a los atacantes remotos causar una denegación de servicio (bloqueo) o ejecutar código arbitrario por medio de los argumentos (1) chunks, (2) srclen, y (3) chunklen. • https://www.exploit-db.com/exploits/30117 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01345501 http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html http://osvdb.org/36083 http://rhn.redhat.com/errata/RHSA-2007-0889.html http://secunia.com/advisories/25456 http://secunia.com/advisories/25535 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2007-2748
https://notcve.org/view.php?id=CVE-2007-2748
The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375. La función substr_count en PHP 5.2.1 y versiones anteriores permite a atacantes locales o remotos dependientes del contexto obtener información confidencial mediante vectores no especificados, una función afectada distinta de CVE-2007-1375. • http://osvdb.org/34730 http://secunia.com/advisories/26895 http://us2.php.net/releases/5_2_2.php http://www.attrition.org/pipermail/vim/2007-May/001621.html http://www.mandriva.com/security/advisories?name=MDKSA-2007:187 http://www.novell.com/linux/security/advisories/2007_15_sr.html http://www.securityfocus.com/bid/24012 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2007-1864 – php libxmlrpc library overflow
https://notcve.org/view.php?id=CVE-2007-1864
Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors. Desbordamiento de búfer en la librería libxmlrpc incluida en PHP anterior a 4.4.7, y 5.x anterior a 5.2.2, tiene impacto y vectores de ataque remotos desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html http://osvdb.org/34674 http://secunia.com/advisories/25187 http://secunia.com/advisories/25191 http://secunia.com/advisories/25255 http://secunia.com/advisories/25445 http://secunia.com/advisories/25660 http://secunia.com/advisories/25938 http://secunia.com/advisories/25945 http://secunia.com/advisories/26048 http://secunia.com/advisories/26102 http://secunia.com/advisories/27377 http://security.gent • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1CVE-2007-2369 – WebSPELL 4.01.02 - 'picture.php' File Disclosure
https://notcve.org/view.php?id=CVE-2007-2369
Directory traversal vulnerability in picture.php in WebSPELL 4.01.02 and earlier, when PHP before 4.3.0 is used, allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. Vulnerabilidad de salto de directorio en picture.php de WebSPELL 4.01.02 y anteriores, cuando se está utilizando PHP anterior a 4.3.0, permite a atacantes remotos leer ficheros de su elección mediante secuencias .. (punto punto) en el parámetro id. • https://www.exploit-db.com/exploits/3673 http://osvdb.org/34638 http://www.vupen.com/english/advisories/2007/1274 •
CVSS: 7.5EPSS: 22%CPEs: 59EXPL: 3CVE-2007-1777 – PHP 4.4.4 - 'Zip_Entry_Read()' Integer Overflow
https://notcve.org/view.php?id=CVE-2007-1777
Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 allows remote attackers to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overflow. Desbordamiento de entero en la función zip_read_entry en PHP 4 versiones anteriores a 4.4.5 permite a atacantes remotos ejecutar código de su elección mediante un fichero ZIP que contiene una entrada con un valor de longitud 0xffffffff, que se incrementa antes de ser usado en la llamada a emalloc, disparando un desbordamiento de montón. • https://www.exploit-db.com/exploits/29788 http://secunia.com/advisories/25025 http://secunia.com/advisories/25062 http://www.debian.org/security/2007/dsa-1282 http://www.debian.org/security/2007/dsa-1283 http://www.mandriva.com/security/advisories?name=MDVSA-2008:130 http://www.php-security.org/MOPB/MOPB-35-2007.html http://www.securityfocus.com/bid/23169 https://exchange.xforce.ibmcloud.com/vulnerabilities/33652 •