CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2007-1864 – php libxmlrpc library overflow
https://notcve.org/view.php?id=CVE-2007-1864
Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors. Desbordamiento de búfer en la librería libxmlrpc incluida en PHP anterior a 4.4.7, y 5.x anterior a 5.2.2, tiene impacto y vectores de ataque remotos desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html http://osvdb.org/34674 http://secunia.com/advisories/25187 http://secunia.com/advisories/25191 http://secunia.com/advisories/25255 http://secunia.com/advisories/25445 http://secunia.com/advisories/25660 http://secunia.com/advisories/25938 http://secunia.com/advisories/25945 http://secunia.com/advisories/26048 http://secunia.com/advisories/26102 http://secunia.com/advisories/27377 http://security.gent • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1CVE-2007-2369 – WebSPELL 4.01.02 - 'picture.php' File Disclosure
https://notcve.org/view.php?id=CVE-2007-2369
Directory traversal vulnerability in picture.php in WebSPELL 4.01.02 and earlier, when PHP before 4.3.0 is used, allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. Vulnerabilidad de salto de directorio en picture.php de WebSPELL 4.01.02 y anteriores, cuando se está utilizando PHP anterior a 4.3.0, permite a atacantes remotos leer ficheros de su elección mediante secuencias .. (punto punto) en el parámetro id. • https://www.exploit-db.com/exploits/3673 http://osvdb.org/34638 http://www.vupen.com/english/advisories/2007/1274 •
CVSS: 7.5EPSS: 22%CPEs: 59EXPL: 3CVE-2007-1777 – PHP 4.4.4 - 'Zip_Entry_Read()' Integer Overflow
https://notcve.org/view.php?id=CVE-2007-1777
Integer overflow in the zip_read_entry function in PHP 4 before 4.4.5 allows remote attackers to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overflow. Desbordamiento de entero en la función zip_read_entry en PHP 4 versiones anteriores a 4.4.5 permite a atacantes remotos ejecutar código de su elección mediante un fichero ZIP que contiene una entrada con un valor de longitud 0xffffffff, que se incrementa antes de ser usado en la llamada a emalloc, disparando un desbordamiento de montón. • https://www.exploit-db.com/exploits/29788 http://secunia.com/advisories/25025 http://secunia.com/advisories/25062 http://www.debian.org/security/2007/dsa-1282 http://www.debian.org/security/2007/dsa-1283 http://www.mandriva.com/security/advisories?name=MDVSA-2008:130 http://www.php-security.org/MOPB/MOPB-35-2007.html http://www.securityfocus.com/bid/23169 https://exchange.xforce.ibmcloud.com/vulnerabilities/33652 •
CVSS: 6.8EPSS: 2%CPEs: 1EXPL: 2CVE-2007-1521 – PHP 5.2.1 - 'session_regenerate_id()' Double-Free
https://notcve.org/view.php?id=CVE-2007-1521
Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the session_regenerate_id function, as demonstrated by calling a userspace error handler or triggering a memory limit violation. Una vulnerabilidad de doble liberación en PHP versiones anteriores a 4.4.7, y versiones 5.x anteriores a 5.2.2, permite a atacantes dependiendo del contexto ejecutar código arbitrario mediante la interrupción de la función session_regenerate_id, como es demostrado mediante la llamada de un manejador de errores de espacio de usuario o desencadenando una violación de límite de memoria. • https://www.exploit-db.com/exploits/3479 http://docs.info.apple.com/article.html?artnum=306172 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://secunia.com/advisories/24505 http://secunia.com/advisories/25025 http://secunia.com/advisories/25056 http://secunia.com/advisories/25057 http://secunia.com/advisories/25062 http://secunia.com/advisories/25445 http://secunia.com/advisories/26235 http://security.gentoo.org/glsa/glsa-200705-19.xml http& •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2007-1475 – PHP 4.4.6 - 'ibase_connect()' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-1475
Multiple buffer overflows in the (1) ibase_connect and (2) ibase_pconnect functions in the interbase extension in PHP 4.4.6 and earlier allow context-dependent attackers to execute arbitrary code via a long argument. Múltiples desbordamientos de búfer en las funciones (1) ibase_connect y (2) ibase_pconnect en la extensión iterbase en PHP 4.4.6 y anteriores permite a atacantes dependientes del contexto ejecutar código de su elección a través de un argumento. • https://www.exploit-db.com/exploits/3488 http://retrogod.altervista.org/php_446_ibase_connect_bof.html http://secunia.com/advisories/24529 http://securityreason.com/securityalert/2439 http://www.securityfocus.com/archive/1/462931/100/0/threaded http://www.securityfocus.com/bid/22976 https://exchange.xforce.ibmcloud.com/vulnerabilities/33019 •