CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0CVE-2010-1129
https://notcve.org/view.php?id=CVE-2010-1129
The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function. La implementación de safe_mode en PHP anteriores a v5.2.13 no manejan de forma adecuada las rutas de los nombres de directorios que no tienen un carácter "/" (barra), lo que permite a usuarios dependiendo del contexto saltarse las restricciones de intentos de acceso a través de vectores relativos al uso de la función tempsam. • http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083 http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html http://secunia.com/advisories/38708 http://secunia.com/advisories/40551 http://securitytracker.com/id?1023661 http://support.apple.com/kb/HT4312 http://www.php.net/ChangeLog-5.php http://www.php.net/releases/5_2_13.php http://www.securityfocus.com/bid/38431 http://www.vupen.com/english/advisories/2010/0479 http://www& • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 4CVE-2010-0397 – PHP 5.3.2 'xmlrpc' Extension - Multiple Remote Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-0397
The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument. La extensión xmlrpc en PHP v5.3.1 no maneja adecuadamente el elemento methodName perdido en el primer argumento de la función xmlrpc_decode, lo que permite a atacantes dependientes del contexto causar una denegación de servicio (puntero de dereferencia nulo y caída de aplicación) y probablemente tener otro impacto no especificado a través de un argumento manipulado. • https://www.exploit-db.com/exploits/33755 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573573 http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://secunia.com&# • CWE-476: NULL Pointer Dereference •
CVSS: 5.0EPSS: 0%CPEs: 38EXPL: 0CVE-2009-4418
https://notcve.org/view.php?id=CVE-2009-4418
The unserialize function in PHP 5.3.0 and earlier allows context-dependent attackers to cause a denial of service (resource consumption) via a deeply nested serialized variable, as demonstrated by a string beginning with a:1: followed by many {a:1: sequences. La función deserializada (unserialize) en PHP 5.3.0 y anteriores permite a atacantes dependientes del contexto causar una denegación de servicio (consumo de recursos) a través una variables anidadas profundamente, como queda demostrada con una cadena inicializada con a:1: seguida de una larga secuencia {a:1: . • http://www.suspekt.org/2009/11/28/shocking-news-in-php-exploitation http://www.suspekt.org/downloads/POC2009-ShockingNewsInPHPExploitation.pdf • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 1%CPEs: 108EXPL: 0CVE-2009-4143
https://notcve.org/view.php?id=CVE-2009-4143
PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive. PHP versiones anteriores a v5.2.12 no maneja adecuadamente los datos de sesión, teniendo un impacto no especificado y vectores de ataque relacionado con (1) la interrupción de corrupción de la selección SESSION superglobal y (2) la directiva session.save_path. • http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://marc.info/?l=bugtraq&m=127680701405735&w=2 http://secunia.com/advisories/37821 http://secunia.com/advisories/38648 http://secunia.com/advisories/40262 http://secunia.com/advisories/41480 http://secunia.com/advisories/41490 http://support.apple.com/kb/HT4077 http://www.debian.org/security/2010/dsa-2001 http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 http://ww •
CVSS: 4.3EPSS: 2%CPEs: 111EXPL: 4CVE-2009-4142 – PHP 5.2.11 - 'htmlspecialCharacters()' Malformed Multibyte Character Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-4142
The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character. La función htmlspecialchars en PHP versiones anteriores a v5.2.12 no maneja adecuadamente (1) secuencias UTF-8 demasiado largas, (2) secuencias inválidas Shift_JIS, y (39 secuencias inválidas EUC-JP, permitiendo a atacantes remotos dirigir ataques de secuencias de comandos en sitios cruzados (XSS) poniendo secuencias de bytes modificados antes de un carácter especial. • https://www.exploit-db.com/exploits/33414 https://www.exploit-db.com/exploits/33415 http://bugs.php.net/bug.php?id=49785 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://marc.info/?l=bugtraq&m=127680701405735&w=2 http://secunia.com/advisories/37821 http://secunia.com/advisories/38648 http://secunia.com/advisories/40262 http://securitytracker.com/id?1023372 http://support.apple.com/kb/HT4077 http://www.debian.org/security/2010/ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •