Multiple vulnerabilities in PHP



Updated: 2025-06-13
Risk High
Patch available YES
Number of vulnerabilities 78
CVE-ID CVE-2010-4409
CVE-2009-5016
CVE-2009-4142
CVE-2009-4143
CVE-2009-2626
CVE-2009-4018
CVE-2009-3557
CVE-2009-3558
CVE-2009-3291
CVE-2009-3292
CVE-2009-3293
CVE-2008-7068
CVE-2008-5814
CVE-2008-4107
CVE-2007-4658
CVE-2007-4652
CVE-2007-3799
CVE-2007-2844
CVE-2007-2727
CVE-2007-2509
CVE-2007-2510
CVE-2007-2511
CVE-2007-1883
CVE-2007-1884
CVE-2007-1885
CVE-2007-1888
CVE-2007-1890
CVE-2007-1001
CVE-2007-1835
CVE-2007-1825
CVE-2007-1777
CVE-2007-1717
CVE-2007-1718
CVE-2007-1700
CVE-2007-1582
CVE-2007-1583
CVE-2007-1460
CVE-2007-1461
CVE-2007-1396
CVE-2007-1376
CVE-2007-1378
CVE-2007-1379
CVE-2007-1380
CVE-2007-0905
CVE-2007-0906
CVE-2007-0907
CVE-2007-0909
CVE-2007-0910
CVE-2006-4812
CVE-2006-5178
CVE-2006-4625
CVE-2006-4433
CVE-2006-4020
CVE-2006-3011
CVE-2006-1494
CVE-2006-1608
CVE-2006-1490
CVE-2006-1015
CVE-2006-1017
CVE-2005-3883
CVE-2005-3388
CVE-2005-3389
CVE-2005-3390
CVE-2005-3391
CVE-2005-3392
CVE-2005-3319
CVE-2004-1019
CVE-2004-1065
CVE-2004-0595
CVE-2003-0860
CVE-2003-0861
CVE-2003-0166
CVE-2002-1396
CVE-2002-1783
CVE-2002-2215
CVE-2002-2309
CVE-2002-0986
CVE-2002-0484
CWE-ID CWE-20
CWE-79
CWE-264
CWE-59
CWE-119
CWE-122
CWE-94
CWE-362
CWE-22
CWE-399
Exploitation vector Network
Public exploit Public exploit code is available for vulnerabilities #1, #3, #5, #6, #16, #17, #27, #28, #29, #30, #31, #33, #34, #35, #36, #40, #43, #49, #51, #53, #55, #56, #57, #58, #61, #63, #69, #72, #76 and #78.
Vulnerable software
PHP
Universal components / Libraries / Scripting languages

Vendor PHP Group

Security Bulletin

This security bulletin contains information about 78 vulnerabilities.

1) Input validation error

EUVDB-ID: #VU110280

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2010-4409

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to cause a denial of service.

Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.3.2

External links

https://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
https://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html
https://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html
https://lists.opensuse.org/opensuse-updates/2012-01/msg00035.html
https://secunia.com/advisories/42812
https://secunia.com/advisories/47674
https://support.apple.com/kb/HT4581
https://svn.php.net/viewvc/php/php-src/trunk/ext/intl/formatter/formatter_attr.c?r1=305571&r2=305570&pathrev=305571
https://svn.php.net/viewvc?view=revision&revision=305571
https://www.exploit-db.com/exploits/15722
https://www.kb.cert.org/vuls/id/479900
https://www.mandriva.com/security/advisories?name=MDVSA-2010:254
https://www.mandriva.com/security/advisories?name=MDVSA-2010:255
https://www.php.net/ChangeLog-5.php
https://www.securityfocus.com/archive/1/515142/100/0/threaded
https://www.securityfocus.com/bid/45119
https://www.ubuntu.com/usn/USN-1042-1
https://www.vupen.com/english/advisories/2011/0020
https://www.vupen.com/english/advisories/2011/0021
https://www.vupen.com/english/advisories/2011/0077


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

2) Cross-site scripting

EUVDB-ID: #VU110281

Risk: Medium

CVSSv4.0: N/A

CVE-ID: CVE-2009-5016

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data passed via a crafted string that uses overlong UTF-8 encoding, a different vulnerability than CVE-2010-3870. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.2.1

External links

https://bugs.php.net/bug.php?id=49687
https://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html
https://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html
https://secunia.com/advisories/42410
https://secunia.com/advisories/42812
https://sirdarckcat.blogspot.com/2009/10/couple-of-unicode-issues-on-php-and.html
https://www.blackhat.com/presentations/bh-usa-09/VELANAVA/BHUSA09-VelaNava-FavoriteXSS-SLIDES.pdf
https://www.redhat.com/support/errata/RHSA-2010-0919.html
https://www.redhat.com/support/errata/RHSA-2011-0195.html
https://www.securityfocus.com/bid/44889
https://www.ubuntu.com/usn/USN-1042-1
https://www.vupen.com/english/advisories/2010/3081
https://www.vupen.com/english/advisories/2011/0020
https://www.vupen.com/english/advisories/2011/0021
https://www.vupen.com/english/advisories/2011/0077


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Cross-site scripting

EUVDB-ID: #VU110314

Risk: Medium

CVSSv4.0: N/A

CVE-ID: CVE-2009-4142

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: Yes

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. The vulnerability allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.2.10

External links

https://bugs.php.net/bug.php?id=49785
https://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
https://marc.info/?l=bugtraq&m=127680701405735&w=2
https://secunia.com/advisories/37821
https://secunia.com/advisories/38648
https://secunia.com/advisories/40262
https://securitytracker.com/id?1023372
https://support.apple.com/kb/HT4077
https://www.debian.org/security/2010/dsa-2001
https://www.php.net/ChangeLog-5.php
https://www.php.net/releases/5_2_12.php
https://www.securityfocus.com/bid/37389
https://www.vupen.com/english/advisories/2009/3593
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7085


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

4) Input validation error

EUVDB-ID: #VU110315

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2009-4143

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.2.10

External links

https://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
https://marc.info/?l=bugtraq&m=127680701405735&w=2
https://secunia.com/advisories/37821
https://secunia.com/advisories/38648
https://secunia.com/advisories/40262
https://secunia.com/advisories/41480
https://secunia.com/advisories/41490
https://support.apple.com/kb/HT4077
https://www.debian.org/security/2010/dsa-2001
https://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
https://www.mandriva.com/security/advisories?name=MDVSA-2010:045
https://www.php.net/ChangeLog-5.php
https://www.php.net/releases/5_2_12.php
https://www.securityfocus.com/bid/37390
https://www.vupen.com/english/advisories/2009/3593
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7439


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Input validation error

EUVDB-ID: #VU110316

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2009-2626

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read memory contents or crash the application.

The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.3

External links

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540605
https://secunia.com/advisories/37482
https://securityreason.com/achievement_securityalert/65
https://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/Zend/zend_ini.c?r1=272370&r2=284156
https://www.debian.org/security/2009/dsa-1940
https://www.securityfocus.com/bid/36009


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

6) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU110317

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2009-4018

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The proc_open function in ext/standard/proc_open.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, as demonstrated by a crafted value of the LD_LIBRARY_PATH environment variable.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.3

External links

https://bugs.php.net/bug.php?id=49026
https://marc.info/?l=bugtraq&m=127680701405735&w=2
https://marc.info/?l=oss-security&m=125886770008678&w=2
https://marc.info/?l=oss-security&m=125897935330618&w=2
https://secunia.com/advisories/40262
https://secunia.com/advisories/41480
https://secunia.com/advisories/41490
https://svn.php.net/viewvc/?view=revision&revision=286360
https://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/standard/proc_open.c?r1=286360&r2=286359&pathrev=286360
https://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/proc_open.c?r1=286360&r2=286359&pathrev=286360
https://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995
https://www.mandriva.com/security/advisories?name=MDVSA-2009:303
https://www.openwall.com/lists/oss-security/2009/11/23/15
https://www.php.net/ChangeLog-5.php
https://www.securityfocus.com/bid/37138
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7256


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

7) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU110319

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2009-3557

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to corrupt data.

The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.3

External links

https://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
https://marc.info/?l=bugtraq&m=127680701405735&w=2
https://news.php.net/php.announce/79
https://secunia.com/advisories/37412
https://secunia.com/advisories/37821
https://secunia.com/advisories/40262
https://securityreason.com/securityalert/6601
https://support.apple.com/kb/HT4077
https://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/standard/file.c?view=log
https://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/file.c?view=log
https://svn.php.net/viewvc?view=revision&revision=288945
https://www.mandriva.com/security/advisories?name=MDVSA-2009:285
https://www.mandriva.com/security/advisories?name=MDVSA-2009:302
https://www.mandriva.com/security/advisories?name=MDVSA-2009:303
https://www.openwall.com/lists/oss-security/2009/11/20/2
https://www.openwall.com/lists/oss-security/2009/11/20/3
https://www.openwall.com/lists/oss-security/2009/11/20/5
https://www.php.net/ChangeLog-5.php
https://www.php.net/releases/5_2_12.php
https://www.php.net/releases/5_3_1.php
https://www.vupen.com/english/advisories/2009/3593
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7396


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU110320

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2009-3558

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The posix_mkfifo function in ext/posix/posix.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file. Access complexity is rated medium according to the X-Force entry regarding enabling the "open_basedir" option: http://xforce.iss.net/xforce/xfdb/53568

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.3

External links

https://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
https://news.php.net/php.announce/79
https://secunia.com/advisories/37412
https://secunia.com/advisories/37821
https://securityreason.com/securityalert/6600
https://support.apple.com/kb/HT4077
https://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/posix/posix.c?view=log
https://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/posix/posix.c?view=log
https://svn.php.net/viewvc?view=revision&revision=288943
https://www.mandriva.com/security/advisories?name=MDVSA-2009:285
https://www.mandriva.com/security/advisories?name=MDVSA-2009:302
https://www.mandriva.com/security/advisories?name=MDVSA-2009:303
https://www.openwall.com/lists/oss-security/2009/11/20/2
https://www.openwall.com/lists/oss-security/2009/11/20/3
https://www.openwall.com/lists/oss-security/2009/11/20/5
https://www.php.net/ChangeLog-5.php
https://www.php.net/releases/5_2_12.php
https://www.php.net/releases/5_3_1.php
https://www.vupen.com/english/advisories/2009/3593


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Input validation error

EUVDB-ID: #VU110321

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2009-3291

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.2.9

External links

https://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
https://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
https://marc.info/?l=bugtraq&m=127680701405735&w=2
https://marc.info/?l=bugtraq&m=130497311408250&w=2
https://secunia.com/advisories/36791
https://secunia.com/advisories/37482
https://secunia.com/advisories/40262
https://support.apple.com/kb/HT3937
https://www.debian.org/security/2009/dsa-1940
https://www.osvdb.org/58185
https://www.php.net/ChangeLog-5.php#5.2.11
https://www.php.net/releases/5_2_11.php
https://www.securitytracker.com/id?1022914
https://www.vupen.com/english/advisories/2009/3184
https://exchange.xforce.ibmcloud.com/vulnerabilities/53334
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10438
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7394


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Input validation error

EUVDB-ID: #VU110322

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2009-3292

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.2.9

External links

https://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
https://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
https://marc.info/?l=bugtraq&m=127680701405735&w=2
https://marc.info/?l=bugtraq&m=130497311408250&w=2
https://news.php.net/php.announce/79
https://secunia.com/advisories/36791
https://secunia.com/advisories/37412
https://secunia.com/advisories/37482
https://secunia.com/advisories/40262
https://support.apple.com/kb/HT3937
https://www.debian.org/security/2009/dsa-1940
https://www.mandriva.com/security/advisories?name=MDVSA-2009:302
https://www.openwall.com/lists/oss-security/2009/11/20/2
https://www.openwall.com/lists/oss-security/2009/11/20/3
https://www.osvdb.org/58186
https://www.php.net/ChangeLog-5.php
https://www.php.net/ChangeLog-5.php#5.2.11
https://www.php.net/releases/5_2_11.php
https://www.php.net/releases/5_3_1.php
https://www.securitytracker.com/id?1022914
https://www.vupen.com/english/advisories/2009/3184
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7652
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9982


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Input validation error

EUVDB-ID: #VU110323

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2009-3293

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect "sanity check for the color index."

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.2.9

External links

https://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
https://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
https://marc.info/?l=bugtraq&m=127680701405735&w=2
https://marc.info/?l=bugtraq&m=130497311408250&w=2
https://secunia.com/advisories/36791
https://secunia.com/advisories/40262
https://support.apple.com/kb/HT3937
https://www.osvdb.org/58187
https://www.php.net/ChangeLog-5.php#5.2.11
https://www.php.net/releases/5_2_11.php
https://www.securitytracker.com/id?1022914
https://www.vupen.com/english/advisories/2009/3184
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7047


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Input validation error

EUVDB-ID: #VU110324

Risk: Medium

CVSSv4.0: N/A

CVE-ID: CVE-2008-7068

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows context-dependent attackers to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (file truncation) via a key containing a NULL byte.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2.6

External links

https://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1313&r2=1.2027.2.547.2.1314&
https://securityreason.com/achievement_securityalert/58
https://www.osvdb.org/52206
https://www.securityfocus.com/archive/1/498746/100/0/threaded
https://www.securityfocus.com/archive/1/498981/100/0/threaded
https://www.securityfocus.com/archive/1/498982/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/47316


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Cross-site scripting

EUVDB-ID: #VU110330

Risk: Low

CVSSv4.0: N/A

CVE-ID: CVE-2008-5814

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

An input validation error exists in PHP, possibly 5.2.7 and earlier, when display_errors is enabled. A remote authenticated attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the victim's browser in the security context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.2.6

External links

https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444
https://jvn.jp/en/jp/JVN50327700/index.html
https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000084.html
https://marc.info/?l=bugtraq&m=124277349419254&w=2
https://secunia.com/advisories/34830
https://secunia.com/advisories/34933
https://secunia.com/advisories/35003
https://secunia.com/advisories/35007
https://secunia.com/advisories/35108
https://www.debian.org/security/2009/dsa-1789
https://www.redhat.com/support/errata/RHSA-2009-0350.html
https://www.ubuntu.com/usn/USN-761-2
https://www.vupen.com/english/advisories/2009/1338
https://exchange.xforce.ibmcloud.com/vulnerabilities/47496
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10501
https://usn.ubuntu.com/761-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Input validation error

EUVDB-ID: #VU110336

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2008-4107

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by the password-reset functionality in Joomla! 1.5.x and WordPress before 2.6.2, a different vulnerability than CVE-2008-2107, CVE-2008-2108, and CVE-2008-4102. Download the latest version of PHP to fix this vulnerability: http://www.php.net/downloads.php

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2.4

External links

https://marc.info/?l=oss-security&m=122152830017099&w=2
https://osvdb.org/48700
https://secunia.com/advisories/31737
https://secunia.com/advisories/31870
https://securityreason.com/securityalert/4271
https://securitytracker.com/id?1020869
https://wordpress.org/development/2008/09/wordpress-262/
https://www.openwall.com/lists/oss-security/2008/09/11/6
https://www.securityfocus.com/archive/1/496237/100/0/threaded
https://www.securityfocus.com/archive/1/496287/100/0/threaded
https://www.securityfocus.com/bid/31115
https://www.sektioneins.de/advisories/SE-2008-02.txt
https://www.sektioneins.de/advisories/SE-2008-04.txt
https://www.sektioneins.de/advisories/SE-2008-05.txt
https://www.suspekt.org/2008/08/17/mt_srand-and-not-so-random-numbers/
https://www.vupen.com/english/advisories/2008/2553
https://exchange.xforce.ibmcloud.com/vulnerabilities/45956
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00607.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00629.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Input validation error

EUVDB-ID: #VU110369

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-4658

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2.14

External links

https://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html
https://rhn.redhat.com/errata/RHSA-2007-0889.html
https://secunia.com/advisories/26642
https://secunia.com/advisories/26822
https://secunia.com/advisories/26838
https://secunia.com/advisories/26871
https://secunia.com/advisories/26895
https://secunia.com/advisories/26930
https://secunia.com/advisories/26967
https://secunia.com/advisories/27102
https://secunia.com/advisories/27377
https://secunia.com/advisories/27545
https://secunia.com/advisories/27864
https://secunia.com/advisories/28249
https://secunia.com/advisories/28658
https://secunia.com/advisories/28936
https://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136
https://support.avaya.com/elmodocs2/security/ASA-2007-449.htm
https://www.debian.org/security/2008/dsa-1444
https://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
https://www.mandriva.com/security/advisories?name=MDKSA-2007:187
https://www.php.net/ChangeLog-4.php
https://www.php.net/ChangeLog-5.php#5.2.4
https://www.php.net/releases/4_4_8.php
https://www.php.net/releases/5_2_4.php
https://www.redhat.com/support/errata/RHSA-2007-0890.html
https://www.redhat.com/support/errata/RHSA-2007-0891.html
https://www.trustix.org/errata/2007/0026/
https://www.ubuntu.com/usn/usn-549-2
https://www.vupen.com/english/advisories/2007/3023
https://www.vupen.com/english/advisories/2008/0059
https://exchange.xforce.ibmcloud.com/vulnerabilities/36377
https://issues.rpath.com/browse/RPL-1693
https://issues.rpath.com/browse/RPL-1702
https://launchpad.net/bugs/173043
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10363
https://usn.ubuntu.com/549-1/
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Link following

EUVDB-ID: #VU110375

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2007-4652

CWE-ID: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Exploit availability: Yes

Description

The vulnerability allows a local user to read and manipulate data.

The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir restrictions via a session file that is a symlink.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.2.2

External links

https://secunia.com/advisories/26642
https://secunia.com/advisories/26822
https://secunia.com/advisories/26838
https://secunia.com/advisories/27102
https://secunia.com/advisories/27377
https://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
https://www.php.net/ChangeLog-5.php#5.2.4
https://www.php.net/releases/5_2_4.php
https://www.trustix.org/errata/2007/0026/
https://www.vupen.com/english/advisories/2007/3023
https://exchange.xforce.ibmcloud.com/vulnerabilities/36387
https://issues.rpath.com/browse/RPL-1693
https://issues.rpath.com/browse/RPL-1702


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

17) Input validation error

EUVDB-ID: #VU110388

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2007-3799

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to corrupt data.

The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the session_id function, and (3) the session_start function, which are not encoded or filtered when the new session cookie is generated, a related issue to CVE-2006-0207.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2.14

External links

https://docs.info.apple.com/article.html?artnum=307562
https://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
https://osvdb.org/36855
https://rhn.redhat.com/errata/RHSA-2007-0889.html
https://secunia.com/advisories/26871
https://secunia.com/advisories/26895
https://secunia.com/advisories/26930
https://secunia.com/advisories/26967
https://secunia.com/advisories/27351
https://secunia.com/advisories/27377
https://secunia.com/advisories/27545
https://secunia.com/advisories/27864
https://secunia.com/advisories/28249
https://secunia.com/advisories/29420
https://secunia.com/advisories/30288
https://support.avaya.com/elmodocs2/security/ASA-2007-449.htm
https://www.debian.org/security/2008/dsa-1444
https://www.debian.org/security/2008/dsa-1578
https://www.mandriva.com/security/advisories?name=MDKSA-2007:187
https://www.novell.com/linux/security/advisories/2007_15_sr.html
https://www.php-security.org/MOPB/PMOPB-46-2007.html
https://www.redhat.com/support/errata/RHSA-2007-0888.html
https://www.redhat.com/support/errata/RHSA-2007-0890.html
https://www.redhat.com/support/errata/RHSA-2007-0891.html
https://www.securityfocus.com/bid/24268
https://www.ubuntu.com/usn/usn-549-2
https://www.vupen.com/english/advisories/2008/0924/references
https://issues.rpath.com/browse/RPL-1693
https://launchpad.net/bugs/173043
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9792
https://usn.ubuntu.com/549-1/
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

18) Input validation error

EUVDB-ID: #VU110396

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2007-2844

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

PHP 4.x and 5.x before 5.2.1, when running on multi-threaded systems, does not ensure thread safety for libc crypt function calls using protection schemes such as a mutex, which creates race conditions that allow remote attackers to overwrite internal program memory and gain system access.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2

External links

https://blog.php-security.org/archives/82-Suhosin-0.9.20-and-crypt-Thread-Safety-Vulnerability.html
https://osvdb.org/36088
https://secunia.com/advisories/25434
https://www.securityfocus.com/bid/24109
https://exchange.xforce.ibmcloud.com/vulnerabilities/34601


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Input validation error

EUVDB-ID: #VU110399

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2007-2727

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow context-dependent attackers to decrypt certain data more easily because of the guessable encryption keys.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.1 - 4.3.11

External links

https://blog.php-security.org/archives/80-Watching-the-PHP-CVS.html
https://www.fortheloot.com/public/mcrypt.patch
https://bugs.php.net/bug.php?id=40999
https://cvs.php.net/viewvc.cgi/php-src/ext/mcrypt/mcrypt.c?r1=1.91.2.3.2.9&r2=1.91.2.3.2.10
https://www.php.net/ChangeLog-5.php
https://www.securityfocus.com/bid/23984
https://www.mandriva.com/security/advisories?name=MDKSA-2007:187
https://www.novell.com/linux/security/advisories/2007_15_sr.html
https://secunia.com/advisories/26895
https://osvdb.org/36087


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Input validation error

EUVDB-ID: #VU110402

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2007-2509

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to corrupt data.

CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands.
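The class of flaw described above, shown as an added C example (not PHP's own source): a command builder that copies parameters onto the control channel unchecked, beside one that rejects CR and LF first. The function names and the constructed sample parameter are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Count the command lines a server would see in the bytes sent on the
 * control channel. Each LF ends one line. */
size_t ftp_count_lines(const char *wire)
{
    size_t n = 0;
    for (; *wire; wire++)
        if (*wire == '\n')
            n++;
    return n;
}

/* Unchecked builder: the parameter is copied as-is, so a CRLF inside it
 * ends the intended command early and starts another line. */
int ftp_build_unchecked(char *out, size_t outlen, const char *cmd, const char *args)
{
    int n = snprintf(out, outlen, "%s %s\r\n", cmd, args);
    return (n < 0 || (size_t)n >= outlen) ? -1 : n;
}

/* Hardened builder: refuse any CR or LF in the verb or the parameter, and
 * refuse output that would not fit, instead of sending a truncated line. */
int ftp_build_checked(char *out, size_t outlen, const char *cmd, const char *args)
{
    int n;

    if (cmd == NULL || *cmd == '\0')
        return -1;
    if (strpbrk(cmd, "\r\n") != NULL)
        return -1;
    if (args != NULL && strpbrk(args, "\r\n") != NULL)
        return -1;

    if (args != NULL && *args != '\0')
        n = snprintf(out, outlen, "%s %s\r\n", cmd, args);
    else
        n = snprintf(out, outlen, "%s\r\n", cmd);

    return (n < 0 || (size_t)n >= outlen) ? -1 : n;
}

/* Constructed sample: a directory name carrying an embedded CRLF and a
 * harmless second verb. */
static const char SAMPLE_PARAM[] = "pub\r\nNOOP";

int main(void)
{
    char buf[64];

    if (ftp_build_unchecked(buf, sizeof buf, "CWD", SAMPLE_PARAM) > 0)
        printf("unchecked: %zu line(s) on the wire\n", ftp_count_lines(buf));

    if (ftp_build_checked(buf, sizeof buf, "CWD", SAMPLE_PARAM) < 0)
        printf("checked: parameter rejected\n");

    if (ftp_build_checked(buf, sizeof buf, "CWD", "pub") > 0)
        printf("checked: %zu line(s) on the wire\n", ftp_count_lines(buf));

    return 0;
}
```

Applications on unpatched interpreters can apply the same CR/LF rejection to any value they pass to FTP functions.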

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2.1

External links

https://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
https://rhn.redhat.com/errata/RHSA-2007-0889.html
https://secunia.com/advisories/25187
https://secunia.com/advisories/25191
https://secunia.com/advisories/25255
https://secunia.com/advisories/25318
https://secunia.com/advisories/25365
https://secunia.com/advisories/25372
https://secunia.com/advisories/25445
https://secunia.com/advisories/25660
https://secunia.com/advisories/26048
https://secunia.com/advisories/26967
https://secunia.com/advisories/27351
https://security.gentoo.org/glsa/glsa-200705-19.xml
https://securityreason.com/securityalert/2672
https://support.avaya.com/elmodocs2/security/ASA-2007-231.htm
https://us2.php.net/releases/4_4_7.php
https://us2.php.net/releases/5_2_2.php
https://www.debian.org/security/2007/dsa-1295
https://www.debian.org/security/2007/dsa-1296
https://www.mandriva.com/security/advisories?name=MDKSA-2007:102
https://www.mandriva.com/security/advisories?name=MDKSA-2007:103
https://www.redhat.com/support/errata/RHSA-2007-0349.html
https://www.redhat.com/support/errata/RHSA-2007-0355.html
https://www.redhat.com/support/errata/RHSA-2007-0888.html
https://www.securityfocus.com/archive/1/463596/100/0/threaded
https://www.securityfocus.com/bid/23813
https://www.securityfocus.com/bid/23818
https://www.securitytracker.com/id?1018022
https://www.trustix.org/errata/2007/0017/
https://www.ubuntu.com/usn/usn-462-1
https://www.vupen.com/english/advisories/2007/2187
https://exchange.xforce.ibmcloud.com/vulnerabilities/34413
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10839
https://rhn.redhat.com/errata/RHSA-2007-0348.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Buffer overflow

EUVDB-ID: #VU110403

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-2510

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Buffer overflow in the make_http_soap_request function in PHP before 5.2.2 has unknown impact and remote attack vectors, possibly related to "/" (slash) characters.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2.1

External links

https://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
https://osvdb.org/34675
https://secunia.com/advisories/25187
https://secunia.com/advisories/25191
https://secunia.com/advisories/25255
https://secunia.com/advisories/25318
https://secunia.com/advisories/25372
https://secunia.com/advisories/25445
https://secunia.com/advisories/26048
https://security.gentoo.org/glsa/glsa-200705-19.xml
https://us2.php.net/releases/5_2_2.php
https://viewcvs.php.net/viewvc.cgi/php-src/ext/soap/php_http.c?r1=1.77.2.11.2.5&r2=1.77.2.11.2.6
https://www.debian.org/security/2007/dsa-1295
https://www.mandriva.com/security/advisories?name=MDKSA-2007:102
https://www.redhat.com/support/errata/RHSA-2007-0355.html
https://www.securityfocus.com/bid/23813
https://www.securityfocus.com/bid/24034
https://www.securitytracker.com/id?1018023
https://www.trustix.org/errata/2007/0017/
https://www.ubuntu.com/usn/usn-462-1
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10715
https://rhn.redhat.com/errata/RHSA-2007-0348.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Input validation error

EUVDB-ID: #VU110404

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2007-2511

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

Buffer overflow in the user_filter_factory_create function in PHP before 5.2.2 has unknown impact and local attack vectors.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.0.0

External links

https://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
https://osvdb.org/34676
https://secunia.com/advisories/25191
https://secunia.com/advisories/25255
https://secunia.com/advisories/25372
https://secunia.com/advisories/25445
https://secunia.com/advisories/26048
https://security.gentoo.org/glsa/glsa-200705-19.xml
https://us2.php.net/releases/5_2_2.php
https://viewcvs.php.net/viewvc.cgi/php-src/ext/standard/user_filters.c?r1=1.31.2.4.2.5&r2=1.31.2.4.2.6
https://www.mandriva.com/security/advisories?name=MDKSA-2007:102
https://www.trustix.org/errata/2007/0017/
https://www.ubuntu.com/usn/usn-462-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Input validation error

EUVDB-ID: #VU110407

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-1883

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain convert_to_* functions with its input parameters.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2.1

External links

https://secunia.com/advisories/24542
https://secunia.com/advisories/27102
https://www.gentoo.org/security/en/glsa/glsa-200710-02.xml
https://www.php-security.org/MOPB/MOPB-37-2007.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/33750


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Input validation error

EUVDB-ID: #VU110408

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-1884

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function because of 64 to 32 bit truncation, and bypass a check for the maximum allowable value; and (2) a width and precision of -1, which make it possible for the php_sprintf_appendstring function to place an internal buffer at an arbitrary memory location.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 4.4.4

External links

https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506
https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137
https://secunia.com/advisories/25423
https://secunia.com/advisories/25850
https://www.osvdb.org/33955
https://www.osvdb.org/34767
https://www.php.net/releases/5_2_1.php
https://www.php-security.org/MOPB/MOPB-38-2007.html
https://www.securityfocus.com/bid/23219
https://www.vupen.com/english/advisories/2007/1991
https://www.vupen.com/english/advisories/2007/2374
https://exchange.xforce.ibmcloud.com/vulnerabilities/33755


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Input validation error

EUVDB-ID: #VU110409

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-1885

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Integer overflow in the str_replace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length counter. NOTE: this is probably the same issue as CVE-2007-0906.6.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2

External links

https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506
https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137
https://secunia.com/advisories/25423
https://secunia.com/advisories/25850
https://www.php.net/releases/5_2_1.php
https://www.php-security.org/MOPB/MOPB-39-2007.html
https://www.securityfocus.com/bid/23233
https://www.vupen.com/english/advisories/2007/1991
https://www.vupen.com/english/advisories/2007/2374
https://exchange.xforce.ibmcloud.com/vulnerabilities/33767


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Input validation error

EUVDB-ID: #VU110412

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-1888

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installations use a bundled version of sqlite without this vulnerability. The SQLite developer has argued that this issue could be due to a misuse of the sqlite_decode_binary() API.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.4

External links

https://osvdb.org/39177
https://secunia.com/advisories/25057
https://www.attrition.org/pipermail/vim/2007-April/001540.html
https://www.mandriva.com/security/advisories?name=MDKSA-2007:091
https://www.php-security.org/MOPB/MOPB-41-2007.html
https://www.sqlite.org/cvstrac/rlog?f=sqlite/src/encode.c
https://www.ubuntu.com/usn/usn-455-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/38518


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Input validation error

EUVDB-ID: #VU110414

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2007-1890

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1, on FreeBSD and possibly other platforms, allows context-dependent attackers to execute arbitrary code via certain maxsize values, as demonstrated by 0xffffffff.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2

External links

https://www.php-security.org/MOPB/MOPB-43-2007.html
https://www.securityfocus.com/bid/23236
https://exchange.xforce.ibmcloud.com/vulnerabilities/33775


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

28) Input validation error

EUVDB-ID: #VU110415

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2007-1001

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values.
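The arithmetic behind this class of bug, as an added C example (not libgd's or PHP's code): a WBMP header parser that bounds width and height and overflow-checks the allocation size, next to the unchecked 32-bit product that wraps. The function names, the 16384-pixel cap, the single-byte fixed header and the sample bytes are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define WBMP_MAX_DIM 16384u   /* assumed policy cap, not a libgd constant */

enum { WBMP_OK = 0, WBMP_TRUNCATED = -1, WBMP_BAD_HEADER = -2, WBMP_TOO_LARGE = -3 };

typedef struct {
    uint32_t width;
    uint32_t height;
    size_t   pixel_bytes;     /* bytes for one int per pixel */
} wbmp_info;

/* Constructed samples: type 0, fixed header 0, then width and height. */
static const uint8_t SAMPLE_SMALL[] = { 0x00, 0x00, 0x08, 0x02, 0xFF, 0x00 };
static const uint8_t SAMPLE_HUGE[]  = { 0x00, 0x00, 0x84, 0x80, 0x00, 0x84, 0x80, 0x00 };
static const uint8_t SAMPLE_TRUNC[] = { 0x00, 0x00, 0x84 };

/* Decode one multi-byte integer: 7 data bits per byte, high bit set
 * means another byte follows. At most 5 bytes are accepted. */
static int read_mbi(const uint8_t *buf, size_t len, size_t *pos, uint32_t *out)
{
    uint32_t v = 0;
    for (int i = 0; i < 5; i++) {
        if (*pos >= len)
            return WBMP_TRUNCATED;
        uint8_t b = buf[(*pos)++];
        if (v > (UINT32_MAX >> 7))
            return WBMP_TOO_LARGE;          /* the shift would drop bits */
        v = (v << 7) | (uint32_t)(b & 0x7f);
        if ((b & 0x80) == 0) {
            *out = v;
            return WBMP_OK;
        }
    }
    return WBMP_BAD_HEADER;
}

/* The unchecked pattern: size computed in 32 bits, wrapping silently. */
uint32_t unchecked_size32(uint32_t w, uint32_t h)
{
    return w * h * (uint32_t)sizeof(int);
}

/* Hardened header parse: every size is validated before it can be used
 * for an allocation. */
int wbmp_parse_header(const uint8_t *buf, size_t len, wbmp_info *info)
{
    size_t pos = 0;
    uint32_t type = 0, w = 0, h = 0;
    int rc;

    if ((rc = read_mbi(buf, len, &pos, &type)) != WBMP_OK)
        return rc;
    if (type != 0)
        return WBMP_BAD_HEADER;
    if (pos >= len)
        return WBMP_TRUNCATED;
    if (buf[pos++] != 0x00)                 /* fixed header byte */
        return WBMP_BAD_HEADER;
    if ((rc = read_mbi(buf, len, &pos, &w)) != WBMP_OK)
        return rc;
    if ((rc = read_mbi(buf, len, &pos, &h)) != WBMP_OK)
        return rc;

    if (w == 0 || h == 0)
        return WBMP_BAD_HEADER;
    if (w > WBMP_MAX_DIM || h > WBMP_MAX_DIM)
        return WBMP_TOO_LARGE;

    /* General overflow checks, kept even though the cap bounds the product. */
    if ((size_t)w > SIZE_MAX / (size_t)h)
        return WBMP_TOO_LARGE;
    size_t pixels = (size_t)w * (size_t)h;
    if (pixels > SIZE_MAX / sizeof(int))
        return WBMP_TOO_LARGE;

    info->width = w;
    info->height = h;
    info->pixel_bytes = pixels * sizeof(int);
    return WBMP_OK;
}

int main(void)
{
    wbmp_info info;

    printf("small: rc=%d\n", wbmp_parse_header(SAMPLE_SMALL, sizeof SAMPLE_SMALL, &info));
    printf("huge:  rc=%d\n", wbmp_parse_header(SAMPLE_HUGE, sizeof SAMPLE_HUGE, &info));
    printf("unchecked 65536x65536 -> %u bytes\n", (unsigned)unchecked_size32(65536u, 65536u));
    return 0;
}
```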

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2.1

External links

https://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?r1=1.2.4.1&r2=1.2.4.1.8.1
https://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/wbmp.c?revision=1.2.4.1.8.1&view=markup
https://docs.info.apple.com/article.html?artnum=306172
https://ifsec.blogspot.com/2007/04/php-521-wbmp-file-handling-integer.html
https://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
https://rhn.redhat.com/errata/RHSA-2007-0155.html
https://secunia.com/advisories/24814
https://secunia.com/advisories/24909
https://secunia.com/advisories/24924
https://secunia.com/advisories/24945
https://secunia.com/advisories/24965
https://secunia.com/advisories/25056
https://secunia.com/advisories/25151
https://secunia.com/advisories/25445
https://secunia.com/advisories/26235
https://security.gentoo.org/glsa/glsa-200705-19.xml
https://us2.php.net/releases/4_4_7.php
https://us2.php.net/releases/5_2_2.php
https://www.mandriva.com/security/advisories?name=MDKSA-2007:087
https://www.mandriva.com/security/advisories?name=MDKSA-2007:088
https://www.mandriva.com/security/advisories?name=MDKSA-2007:089
https://www.mandriva.com/security/advisories?name=MDKSA-2007:090
https://www.novell.com/linux/security/advisories/2007_32_php.html
https://www.redhat.com/support/errata/RHSA-2007-0153.html
https://www.redhat.com/support/errata/RHSA-2007-0162.html
https://www.securityfocus.com/archive/1/464957/100/0/threaded
https://www.securityfocus.com/archive/1/466166/100/0/threaded
https://www.securityfocus.com/bid/23357
https://www.securityfocus.com/bid/25159
https://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.470053
https://www.vupen.com/english/advisories/2007/1269
https://www.vupen.com/english/advisories/2007/2732
https://exchange.xforce.ibmcloud.com/vulnerabilities/33453
https://issues.rpath.com/browse/RPL-1268
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10179


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

29) Input validation error

EUVDB-ID: #VU110416

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2007-1835

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a local user to read and manipulate data.

PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path (session.save_path), uses the TMPDIR default after checking the restrictions, which allows local users to bypass open_basedir restrictions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2

External links

https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506
https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137
https://secunia.com/advisories/25423
https://secunia.com/advisories/25850
https://www.php-security.org/MOPB/MOPB-36-2007.html
https://www.securityfocus.com/bid/23183
https://www.vupen.com/english/advisories/2007/1991
https://www.vupen.com/english/advisories/2007/2374
https://exchange.xforce.ibmcloud.com/vulnerabilities/33550


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

30) Input validation error

EUVDB-ID: #VU110418

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2007-1825

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed by CVE-2007-0906.3.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.1.6

External links

https://www.php-security.org/MOPB/MOPB-40-2007.html
https://www.securityfocus.com/bid/23234
https://exchange.xforce.ibmcloud.com/vulnerabilities/33534
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10377


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

31) Heap-based buffer overflow

EUVDB-ID: #VU110419

Risk: Medium

CVSSv4.0: N/A

CVE-ID: CVE-2007-1777

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an integer overflow in the zip_read_entry function in PHP 4 before 4.4.5. A remote attacker can use a ZIP archive that contains an entry with a length value of 0xffffffff to trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 4.4.4

External links

https://secunia.com/advisories/25025
https://secunia.com/advisories/25062
https://www.debian.org/security/2007/dsa-1282
https://www.debian.org/security/2007/dsa-1283
https://www.mandriva.com/security/advisories?name=MDVSA-2008:130
https://www.php-security.org/MOPB/MOPB-35-2007.html
https://www.securityfocus.com/bid/23169
https://exchange.xforce.ibmcloud.com/vulnerabilities/33652


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

32) Input validation error

EUVDB-ID: #VU110420

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-1717

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to corrupt data.

The mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 truncates e-mail messages at the first ASCIIZ ('\0') byte, which might allow context-dependent attackers to prevent intended information from being delivered in e-mail messages. NOTE: this issue might be security-relevant in cases when the trailing contents of e-mail messages are important, such as logging information or if the message is expected to be well-formed.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2.1

External links

https://docs.info.apple.com/article.html?artnum=306172
https://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
https://secunia.com/advisories/25056
https://secunia.com/advisories/25445
https://secunia.com/advisories/26235
https://security.gentoo.org/glsa/glsa-200705-19.xml
https://us2.php.net/releases/4_4_7.php
https://us2.php.net/releases/5_2_2.php
https://www.novell.com/linux/security/advisories/2007_32_php.html
https://www.php-security.org/MOPB/MOPB-33-2007.html
https://www.securityfocus.com/bid/23146
https://www.securityfocus.com/bid/25159
https://www.vupen.com/english/advisories/2007/2732
https://exchange.xforce.ibmcloud.com/vulnerabilities/33518


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Input validation error

EUVDB-ID: #VU110421

Risk: Medium

CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2007-1718

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a " " sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2.1

External links

https://rhn.redhat.com/errata/RHSA-2007-0155.html
https://secunia.com/advisories/24909
https://secunia.com/advisories/24924
https://secunia.com/advisories/24965
https://secunia.com/advisories/25025
https://secunia.com/advisories/25056
https://secunia.com/advisories/25057
https://secunia.com/advisories/25062
https://secunia.com/advisories/25445
https://security.gentoo.org/glsa/glsa-200705-19.xml
https://us2.php.net/releases/5_2_2.php
https://www.debian.org/security/2007/dsa-1282
https://www.debian.org/security/2007/dsa-1283
https://www.mandriva.com/security/advisories?name=MDKSA-2007:087
https://www.mandriva.com/security/advisories?name=MDKSA-2007:088
https://www.mandriva.com/security/advisories?name=MDKSA-2007:089
https://www.mandriva.com/security/advisories?name=MDKSA-2007:090
https://www.novell.com/linux/security/advisories/2007_32_php.html
https://www.php-security.org/MOPB/MOPB-34-2007.html
https://www.redhat.com/support/errata/RHSA-2007-0153.html
https://www.redhat.com/support/errata/RHSA-2007-0162.html
https://www.securityfocus.com/bid/23145
https://www.securitytracker.com/id?1017946
https://www.ubuntu.com/usn/usn-455-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/33516
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10951


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

34) Input validation error

EUVDB-ID: #VU110422

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2007-1700

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the session_register after unsetting HTTP_SESSION_VARS and _SESSION, which destroys the session data Hashtable.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2

External links

https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506
https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137
https://secunia.com/advisories/25056
https://secunia.com/advisories/25057
https://secunia.com/advisories/25062
https://secunia.com/advisories/25423
https://secunia.com/advisories/25445
https://secunia.com/advisories/25850
https://security.gentoo.org/glsa/glsa-200705-19.xml
https://www.debian.org/security/2007/dsa-1283
https://www.novell.com/linux/security/advisories/2007_32_php.html
https://www.php-security.org/MOPB/MOPB-30-2007.html
https://www.securityfocus.com/bid/23119
https://www.ubuntu.com/usn/usn-455-1
https://www.vupen.com/english/advisories/2007/1991
https://www.vupen.com/english/advisories/2007/2374
https://exchange.xforce.ibmcloud.com/vulnerabilities/33520


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

35) Input validation error

EUVDB-ID: #VU110429

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2007-1582

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD (ext/gd) extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify internal resources.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2.1

External links

https://secunia.com/advisories/24542
https://www.php-security.org/MOPB/MOPB-27-2007.html
https://www.securityfocus.com/bid/23046
https://www.exploit-db.com/exploits/3525


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

36) Input validation error

EUVDB-ID: #VU110430

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2007-1583

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote attackers to invoke available PHP scripts with register_globals functionality that is not detectable by these scripts, as demonstrated by forcing a memory_limit violation.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2.1

External links

https://docs.info.apple.com/article.html?artnum=306172
https://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
https://rhn.redhat.com/errata/RHSA-2007-0155.html
https://secunia.com/advisories/24909
https://secunia.com/advisories/24924
https://secunia.com/advisories/24945
https://secunia.com/advisories/24965
https://secunia.com/advisories/25056
https://secunia.com/advisories/25057
https://secunia.com/advisories/25062
https://secunia.com/advisories/25445
https://secunia.com/advisories/26235
https://security.gentoo.org/glsa/glsa-200705-19.xml
https://us2.php.net/releases/4_4_7.php
https://us2.php.net/releases/5_2_2.php
https://www.debian.org/security/2007/dsa-1283
https://www.mandriva.com/security/advisories?name=MDKSA-2007:088
https://www.mandriva.com/security/advisories?name=MDKSA-2007:089
https://www.mandriva.com/security/advisories?name=MDKSA-2007:090
https://www.novell.com/linux/security/advisories/2007_32_php.html
https://www.php-security.org/MOPB/MOPB-26-2007.html
https://www.redhat.com/support/errata/RHSA-2007-0153.html
https://www.redhat.com/support/errata/RHSA-2007-0162.html
https://www.securityfocus.com/archive/1/466166/100/0/threaded
https://www.securityfocus.com/bid/23016
https://www.securityfocus.com/bid/25159
https://www.ubuntu.com/usn/usn-455-1
https://www.vupen.com/english/advisories/2007/2732
https://issues.rpath.com/browse/RPL-1268
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10245


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

37) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU110439

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-1460

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The zip:// URL wrapper provided by the PECL zip extension in PHP before 4.4.7, and 5.2.0 and 5.2.1, does not implement safemode or open_basedir checks, which allows remote attackers to read ZIP archives located outside of the intended directories.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.2.1

External links

https://docs.info.apple.com/article.html?artnum=306172
https://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
https://secunia.com/advisories/25056
https://secunia.com/advisories/26235
https://us2.php.net/releases/4_4_7.php
https://us2.php.net/releases/5_2_2.php
https://www.novell.com/linux/security/advisories/2007_32_php.html
https://www.php-security.org/MOPB/MOPB-20-2007.html
https://www.securityfocus.com/bid/22954
https://www.securityfocus.com/bid/25159
https://www.vupen.com/english/advisories/2007/2732


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU110440

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-1461

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before 5.2.2, does not implement safemode or open_basedir checks, which allows remote attackers to read bzip2 archives located outside of the intended directories.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.2.1

External links

https://docs.info.apple.com/article.html?artnum=306172
https://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
https://secunia.com/advisories/25056
https://secunia.com/advisories/26235
https://us2.php.net/releases/4_4_7.php
https://us2.php.net/releases/5_2_2.php
https://www.novell.com/linux/security/advisories/2007_32_php.html
https://www.php-security.org/MOPB/MOPB-21-2007.html
https://www.securityfocus.com/bid/22954
https://www.securityfocus.com/bid/25159
https://www.vupen.com/english/advisories/2007/2732


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Input validation error

EUVDB-ID: #VU110443

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-1396

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The import_request_variables function in PHP 4.0.7 through 4.4.6, and 5.x before 5.2.2, when called without a prefix, does not prevent the (1) GET, (2) POST, (3) COOKIE, (4) FILES, (5) SERVER, (6) SESSION, and other superglobals from being overwritten, which allows remote attackers to spoof source IP address and Referer data, and have other unspecified impact. NOTE: it could be argued that this is a design limitation of PHP and that only the misuse of this feature, i.e. implementation bugs in applications, should be included in CVE. However, it has been fixed by the vendor.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.7 - 5.2.1

External links

https://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
https://secunia.com/advisories/26048
https://securityreason.com/securityalert/2406
https://us2.php.net/releases/4_4_7.php
https://us2.php.net/releases/5_2_2.php
https://www.securityfocus.com/archive/1/462263/100/0/threaded
https://www.securityfocus.com/archive/1/462457/100/0/threaded
https://www.securityfocus.com/archive/1/462658/100/0/threaded
https://www.securityfocus.com/archive/1/462800/100/0/threaded
https://www.securityfocus.com/bid/22886


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Input validation error

EUVDB-ID: #VU110448

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2007-1376

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent attackers to read and write arbitrary memory locations via arguments associated with an inappropriate resource, as demonstrated by a GD Image resource.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2

External links

https://secunia.com/advisories/24606
https://secunia.com/advisories/25056
https://secunia.com/advisories/25057
https://secunia.com/advisories/25062
https://security.gentoo.org/glsa/glsa-200703-21.xml
https://www.debian.org/security/2007/dsa-1283
https://www.novell.com/linux/security/advisories/2007_32_php.html
https://www.osvdb.org/32781
https://www.php-security.org/MOPB/MOPB-15-2007.html
https://www.securityfocus.com/bid/22862
https://www.ubuntu.com/usn/usn-455-1
https://www.exploit-db.com/exploits/3426
https://www.exploit-db.com/exploits/3427


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

41) Input validation error

EUVDB-ID: #VU110449

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-1378

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The ovrimos_longreadlen function in the Ovrimos extension for PHP before 4.4.5 allows context-dependent attackers to write to arbitrary memory locations via the result_id and length arguments.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 4.4.4

External links

https://www.osvdb.org/32779
https://www.php-security.org/MOPB/MOPB-13-2007.html
https://www.securityfocus.com/bid/22833


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Input validation error

EUVDB-ID: #VU110450

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-1379

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The ovrimos_close function in the Ovrimos extension for PHP before 4.4.5 can trigger efree of an arbitrary address, which might allow context-dependent attackers to execute arbitrary code.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 4.4.4

External links

https://www.osvdb.org/34691
https://www.php-security.org/MOPB/MOPB-13-2007.html
https://www.securityfocus.com/bid/22833


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Input validation error

EUVDB-ID: #VU110451

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2007-1380

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buffer over-read.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.2

External links

https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506
https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137
https://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html
https://secunia.com/advisories/24514
https://secunia.com/advisories/24606
https://secunia.com/advisories/25025
https://secunia.com/advisories/25056
https://secunia.com/advisories/25057
https://secunia.com/advisories/25062
https://secunia.com/advisories/25423
https://secunia.com/advisories/25850
https://security.gentoo.org/glsa/glsa-200703-21.xml
https://www.debian.org/security/2007/dsa-1282
https://www.debian.org/security/2007/dsa-1283
https://www.novell.com/linux/security/advisories/2007_32_php.html
https://www.php-security.org/MOPB/MOPB-10-2007.html
https://www.securityfocus.com/bid/22805
https://www.ubuntu.com/usn/usn-455-1
https://www.vupen.com/english/advisories/2007/1991
https://www.vupen.com/english/advisories/2007/2374
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10792
https://www.exploit-db.com/exploits/3413


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

44) Input validation error

EUVDB-ID: #VU110458

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-0905

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 5.2

External links

https://osvdb.org/32768
https://secunia.com/advisories/24089
https://secunia.com/advisories/24419
https://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html
https://www.php.net/ChangeLog-5.php#5.2.1
https://www.php.net/releases/5_2_1.php
https://www.securityfocus.com/bid/22496
https://www.trustix.org/errata/2007/0009/
https://www.vupen.com/english/advisories/2007/0546


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Input validation error

EUVDB-ID: #VU110459

Risk: Medium

CVSSv4.0: N/A

CVE-ID: CVE-2007-0906

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows attackers to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885).

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 5.2

External links

ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
https://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html
https://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html
https://osvdb.org/34706
https://osvdb.org/34707
https://osvdb.org/34708
https://osvdb.org/34709
https://osvdb.org/34710
https://osvdb.org/34711
https://osvdb.org/34712
https://osvdb.org/34713
https://osvdb.org/34714
https://osvdb.org/34715
https://rhn.redhat.com/errata/RHSA-2007-0089.html
https://secunia.com/advisories/24089
https://secunia.com/advisories/24195
https://secunia.com/advisories/24217
https://secunia.com/advisories/24236
https://secunia.com/advisories/24248
https://secunia.com/advisories/24284
https://secunia.com/advisories/24295
https://secunia.com/advisories/24322
https://secunia.com/advisories/24419
https://secunia.com/advisories/24421
https://secunia.com/advisories/24432
https://secunia.com/advisories/24514
https://secunia.com/advisories/24606
https://secunia.com/advisories/24642
https://secunia.com/advisories/24945
https://secunia.com/advisories/26048
https://security.gentoo.org/glsa/glsa-200703-21.xml
https://support.avaya.com/elmodocs2/security/ASA-2007-101.htm
https://support.avaya.com/elmodocs2/security/ASA-2007-136.htm
https://www.mandriva.com/security/advisories?name=MDKSA-2007:048
https://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html
https://www.osvdb.org/32776
https://www.php.net/ChangeLog-5.php#5.2.1
https://www.php.net/releases/5_2_1.php
https://www.redhat.com/support/errata/RHSA-2007-0076.html
https://www.redhat.com/support/errata/RHSA-2007-0081.html
https://www.redhat.com/support/errata/RHSA-2007-0082.html
https://www.redhat.com/support/errata/RHSA-2007-0088.html
https://www.securityfocus.com/archive/1/461462/100/0/threaded
https://www.securityfocus.com/archive/1/466166/100/0/threaded
https://www.securityfocus.com/bid/22496
https://www.securitytracker.com/id?1017671
https://www.trustix.org/errata/2007/0009/
https://www.ubuntu.com/usn/usn-424-1
https://www.ubuntu.com/usn/usn-424-2
https://www.us.debian.org/security/2007/dsa-1264
https://www.vupen.com/english/advisories/2007/0546
https://issues.rpath.com/browse/RPL-1088
https://issues.rpath.com/browse/RPL-1268
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8992


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Input validation error

EUVDB-ID: #VU110460

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-0907

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 5.2

External links

ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
https://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html
https://osvdb.org/32767
https://rhn.redhat.com/errata/RHSA-2007-0089.html
https://secunia.com/advisories/24089
https://secunia.com/advisories/24195
https://secunia.com/advisories/24217
https://secunia.com/advisories/24236
https://secunia.com/advisories/24248
https://secunia.com/advisories/24284
https://secunia.com/advisories/24295
https://secunia.com/advisories/24322
https://secunia.com/advisories/24419
https://secunia.com/advisories/24421
https://secunia.com/advisories/24432
https://secunia.com/advisories/24514
https://secunia.com/advisories/24606
https://secunia.com/advisories/24642
https://security.gentoo.org/glsa/glsa-200703-21.xml
https://support.avaya.com/elmodocs2/security/ASA-2007-101.htm
https://support.avaya.com/elmodocs2/security/ASA-2007-136.htm
https://www.mandriva.com/security/advisories?name=MDKSA-2007:048
https://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html
https://www.php.net/ChangeLog-5.php#5.2.1
https://www.php.net/releases/5_2_1.php
https://www.redhat.com/support/errata/RHSA-2007-0076.html
https://www.redhat.com/support/errata/RHSA-2007-0081.html
https://www.redhat.com/support/errata/RHSA-2007-0082.html
https://www.redhat.com/support/errata/RHSA-2007-0088.html
https://www.securityfocus.com/archive/1/461462/100/0/threaded
https://www.securityfocus.com/bid/22496
https://www.securitytracker.com/id?1017671
https://www.trustix.org/errata/2007/0009/
https://www.ubuntu.com/usn/usn-424-1
https://www.ubuntu.com/usn/usn-424-2
https://www.us.debian.org/security/2007/dsa-1264
https://www.vupen.com/english/advisories/2007/0546
https://issues.rpath.com/browse/RPL-1088
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11321


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Input validation error

EUVDB-ID: #VU110462

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2007-0909

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 5.2

External links

ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
https://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html
https://osvdb.org/32764
https://osvdb.org/32765
https://rhn.redhat.com/errata/RHSA-2007-0089.html
https://secunia.com/advisories/24089
https://secunia.com/advisories/24195
https://secunia.com/advisories/24217
https://secunia.com/advisories/24236
https://secunia.com/advisories/24248
https://secunia.com/advisories/24284
https://secunia.com/advisories/24295
https://secunia.com/advisories/24322
https://secunia.com/advisories/24419
https://secunia.com/advisories/24421
https://secunia.com/advisories/24432
https://secunia.com/advisories/24514
https://secunia.com/advisories/24606
https://secunia.com/advisories/24642
https://security.gentoo.org/glsa/glsa-200703-21.xml
https://support.avaya.com/elmodocs2/security/ASA-2007-101.htm
https://support.avaya.com/elmodocs2/security/ASA-2007-136.htm
https://www.mandriva.com/security/advisories?name=MDKSA-2007:048
https://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html
https://www.php.net/ChangeLog-5.php#5.2.1
https://www.php.net/releases/5_2_1.php
https://www.redhat.com/support/errata/RHSA-2007-0076.html
https://www.redhat.com/support/errata/RHSA-2007-0081.html
https://www.redhat.com/support/errata/RHSA-2007-0082.html
https://www.redhat.com/support/errata/RHSA-2007-0088.html
https://www.securityfocus.com/archive/1/461462/100/0/threaded
https://www.securityfocus.com/bid/22496
https://www.securitytracker.com/id?1017671
https://www.trustix.org/errata/2007/0009/
https://www.ubuntu.com/usn/usn-424-1
https://www.ubuntu.com/usn/usn-424-2
https://www.us.debian.org/security/2007/dsa-1264
https://www.vupen.com/english/advisories/2007/0546
https://issues.rpath.com/browse/RPL-1088
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9722


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Input validation error

EUVDB-ID: #VU110463

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2007-0910

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 5.1.6

External links

ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
https://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html
https://osvdb.org/32763
https://rhn.redhat.com/errata/RHSA-2007-0089.html
https://secunia.com/advisories/24089
https://secunia.com/advisories/24195
https://secunia.com/advisories/24217
https://secunia.com/advisories/24236
https://secunia.com/advisories/24248
https://secunia.com/advisories/24284
https://secunia.com/advisories/24295
https://secunia.com/advisories/24322
https://secunia.com/advisories/24419
https://secunia.com/advisories/24421
https://secunia.com/advisories/24432
https://secunia.com/advisories/24514
https://secunia.com/advisories/24606
https://secunia.com/advisories/24642
https://secunia.com/advisories/24945
https://security.gentoo.org/glsa/glsa-200703-21.xml
https://support.avaya.com/elmodocs2/security/ASA-2007-101.htm
https://support.avaya.com/elmodocs2/security/ASA-2007-136.htm
https://www.mandriva.com/security/advisories?name=MDKSA-2007:048
https://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html
https://www.php.net/ChangeLog-5.php#5.2.1
https://www.php.net/releases/5_2_1.php
https://www.redhat.com/support/errata/RHSA-2007-0076.html
https://www.redhat.com/support/errata/RHSA-2007-0081.html
https://www.redhat.com/support/errata/RHSA-2007-0082.html
https://www.redhat.com/support/errata/RHSA-2007-0088.html
https://www.securityfocus.com/archive/1/461462/100/0/threaded
https://www.securityfocus.com/archive/1/466166/100/0/threaded
https://www.securityfocus.com/bid/22496
https://www.securitytracker.com/id?1017671
https://www.trustix.org/errata/2007/0009/
https://www.ubuntu.com/usn/usn-424-1
https://www.ubuntu.com/usn/usn-424-2
https://www.us.debian.org/security/2007/dsa-1264
https://www.vupen.com/english/advisories/2007/0546
https://issues.rpath.com/browse/RPL-1088
https://issues.rpath.com/browse/RPL-1268
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9514


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Code Injection

EUVDB-ID: #VU110468

Risk: High

CVSSv4.0: 8.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2006-4812

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote attackers to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend Engine ecalloc function (Zend/zend_alloc.c).

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.1.6

External links

https://cvs.php.net/viewvc.cgi/ZendEngine2/zend_alloc.c?r1=1.161&r2=1.162
https://lists.suse.com/archive/suse-security-announce/2006-Oct/0002.html
https://rhn.redhat.com/errata/RHSA-2006-0688.html
https://rhn.redhat.com/errata/RHSA-2006-0708.html
https://secunia.com/advisories/22280
https://secunia.com/advisories/22281
https://secunia.com/advisories/22300
https://secunia.com/advisories/22331
https://secunia.com/advisories/22338
https://secunia.com/advisories/22533
https://secunia.com/advisories/22538
https://secunia.com/advisories/22650
https://securityreason.com/securityalert/1691
https://securitytracker.com/id?1016984
https://support.avaya.com/elmodocs2/security/ASA-2006-223.htm
https://support.avaya.com/elmodocs2/security/ASA-2006-234.htm
https://www.gentoo.org/security/en/glsa/glsa-200610-14.xml
https://www.hardened-php.net/advisory_092006.133.html
https://www.hardened-php.net/files/CVE-2006-4812.patch
https://www.securityfocus.com/archive/1/448014/100/0/threaded
https://www.securityfocus.com/archive/1/448953/100/0/threaded
https://www.securityfocus.com/bid/20349
https://www.trustix.org/errata/2006/0055
https://www.ubuntu.com/usn/usn-362-1
https://www.vupen.com/english/advisories/2006/3922
https://exchange.xforce.ibmcloud.com/vulnerabilities/29362


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

50) Race condition

EUVDB-ID: #VU110469

Risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2006-5178

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by the underlying system, as demonstrated by symlinking a symlink into a subdirectory, to point to a parent directory via .. (dot dot) sequences, and then unlinking the resulting symlink.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.1.5

External links

https://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049850.html
https://secunia.com/advisories/22235
https://secunia.com/advisories/22424
https://securityreason.com/securityalert/1692
https://securitytracker.com/id?1016977
https://www.hardened-php.net/advisory_082006.132.html
https://www.mandriva.com/security/advisories?name=MDKSA-2006:185
https://www.neosecurityteam.net/index.php?action=advisories&id=26
https://www.securityfocus.com/archive/1/447649/100/0/threaded
https://www.securityfocus.com/archive/1/448020/100/0/threaded
https://www.securityfocus.com/archive/1/448953/100/0/threaded
https://www.securityfocus.com/bid/20326
https://www.turbolinux.com/security/2006/TLSA-2006-38.txt
https://www.vupen.com/english/advisories/2006/3901
https://exchange.xforce.ibmcloud.com/vulnerabilities/29340


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Input validation error

EUVDB-ID: #VU110470

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2006-4625

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a local user to read and manipulate data.

PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.1.6

External links

https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506
https://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137
https://lists.suse.com/archive/suse-security-announce/2006-Oct/0002.html
https://secunia.com/advisories/22282
https://secunia.com/advisories/22331
https://secunia.com/advisories/22338
https://secunia.com/advisories/22424
https://secunia.com/advisories/25423
https://secunia.com/advisories/25850
https://securityreason.com/achievement_securityalert/42
https://securityreason.com/securityalert/1519
https://www.mandriva.com/security/advisories?name=MDKSA-2006:185
https://www.securityfocus.com/archive/1/445712/100/0/threaded
https://www.securityfocus.com/archive/1/445882/100/0/threaded
https://www.securityfocus.com/archive/1/448953/100/0/threaded
https://www.securityfocus.com/bid/19933
https://www.turbolinux.com/security/2006/TLSA-2006-38.txt
https://www.ubuntu.com/usn/usn-362-1
https://www.vupen.com/english/advisories/2007/1991
https://www.vupen.com/english/advisories/2007/2374
https://exchange.xforce.ibmcloud.com/vulnerabilities/28853


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

52) Input validation error

EUVDB-ID: #VU110477

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2006-4433

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier (PHPSESSID) for third party session handlers, which might make it easier for remote attackers to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, which is stored in the session file. NOTE: it could be argued that this is not a vulnerability in PHP itself, but rather a design limitation that enables certain attacks against session handlers that do not account for this limitation.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.1.2

External links

https://secunia.com/advisories/21573
https://securityreason.com/securityalert/1466
https://www.hardened-php.net/advisory_052006.128.html
https://www.osvdb.org/28233
https://www.osvdb.org/28273
https://www.securityfocus.com/archive/1/444263/100/0/threaded
https://www.vupen.com/english/advisories/2006/3388


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Input validation error

EUVDB-ID: #VU110479

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2006-4020

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a local user to read and manipulate data.

scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execute arbitrary code via a sscanf PHP function call that performs argument swapping, which increments an index past the end of an array and triggers a buffer over-read.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.1.4

External links

https://www.securityfocus.com/archive/1/442438/30/0/threaded
https://www.plain-text.info/sscanf_bug.txt
https://bugs.php.net/bug.php?id=38322
https://www.securityfocus.com/bid/19415
https://secunia.com/advisories/21403
https://www.novell.com/linux/security/advisories/2006_19_sr.html
https://www.novell.com/linux/security/advisories/2006_20_sr.html
https://www.mandriva.com/security/advisories?name=MDKSA-2006:144
https://secunia.com/advisories/21608
https://www.php.net/ChangeLog-5.php#5.1.5
https://www.php.net/release_5_1_5.php
https://security.gentoo.org/glsa/glsa-200608-28.xml
https://secunia.com/advisories/21546
https://secunia.com/advisories/21683
https://www.novell.com/linux/security/advisories/2006_22_sr.html
https://www.ubuntu.com/usn/usn-342-1
https://secunia.com/advisories/21768
https://www.redhat.com/support/errata/RHSA-2006-0669.html
https://www.redhat.com/support/errata/RHSA-2006-0682.html
https://www.novell.com/linux/security/advisories/2006_52_php.html
https://secunia.com/advisories/22004
https://secunia.com/advisories/22069
https://securitytracker.com/id?1016984
https://support.avaya.com/elmodocs2/security/ASA-2006-221.htm
https://support.avaya.com/elmodocs2/security/ASA-2006-222.htm
https://secunia.com/advisories/22440
https://support.avaya.com/elmodocs2/security/ASA-2006-223.htm
https://rhn.redhat.com/errata/RHSA-2006-0688.html
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
https://secunia.com/advisories/22538
https://secunia.com/advisories/22487
https://secunia.com/advisories/21847
https://secunia.com/advisories/22039
https://rhn.redhat.com/errata/RHSA-2006-0736.html
https://secunia.com/advisories/23247
https://secunia.com/advisories/21467
https://securityreason.com/securityalert/1341
https://www.vupen.com/english/advisories/2006/3193
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11062


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

54) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU110480

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2006-3011

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to read and manipulate data.

The error_log function in basic_functions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 1.0 - 5.1.6

External links

https://cvs.php.net/viewvc.cgi/php-src/ext/standard/basic_functions.c?diff_format=u&view=log&pathrev=PHP_4_4
https://cvs.php.net/viewvc.cgi/php-src/ext/standard/basic_functions.c?r1=1.543.2.51.2.9&r2=1.543.2.51.2.10&pathrev=PHP_4_4&diff_format=u
https://secunia.com/advisories/20818
https://secunia.com/advisories/21050
https://secunia.com/advisories/21125
https://secunia.com/advisories/21546
https://securityreason.com/achievement_securityalert/41
https://securityreason.com/securityalert/1129
https://securitytracker.com/id?1016377
https://www.mandriva.com/security/advisories?name=MDKSA-2006:122
https://www.osvdb.org/26827
https://www.php.net/release_5_1_5.php
https://www.securityfocus.com/bid/18645
https://www.ubuntu.com/usn/usn-320-1
https://www.vupen.com/english/advisories/2006/2523
https://exchange.xforce.ibmcloud.com/vulnerabilities/27414


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Path traversal

EUVDB-ID: #VU110487

Risk: Low

CVSSv4.0: N/A

CVE-ID: CVE-2006-1494

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to an input validation error when processing directory traversal sequences in file.c in PHP 4.4.2 and 5.1.2, which allows local users to bypass open_basedir restrictions. A remote authenticated attacker can send a specially crafted HTTP request and create files in arbitrary directories via the tempnam function.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.1.2

External links

ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U
https://rhn.redhat.com/errata/RHSA-2006-0549.html
https://secunia.com/advisories/19599
https://secunia.com/advisories/19775
https://secunia.com/advisories/19979
https://secunia.com/advisories/21031
https://secunia.com/advisories/21125
https://secunia.com/advisories/21135
https://secunia.com/advisories/21202
https://secunia.com/advisories/21252
https://secunia.com/advisories/21723
https://secunia.com/advisories/22225
https://securityreason.com/achievement_securityalert/36
https://securityreason.com/securityalert/677
https://securitytracker.com/id?1015881
https://support.avaya.com/elmodocs2/security/ASA-2006-175.htm
https://www.mandriva.com/security/advisories?name=MDKSA-2006:074
https://www.novell.com/linux/security/advisories/05-05-2006.html
https://www.redhat.com/support/errata/RHSA-2006-0567.html
https://www.redhat.com/support/errata/RHSA-2006-0568.html
https://www.securityfocus.com/archive/1/447866/100/0/threaded
https://www.securityfocus.com/bid/17439
https://www.ubuntu.com/usn/usn-320-1
https://www.vupen.com/english/advisories/2006/1290
https://exchange.xforce.ibmcloud.com/vulnerabilities/25705
https://issues.rpath.com/browse/RPL-683
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10196


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

56) Input validation error

EUVDB-ID: #VU110488

Risk: Low

CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2006-1608

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a local user to gain access to sensitive information.

The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.1.2

External links

https://secunia.com/advisories/19599
https://secunia.com/advisories/19775
https://secunia.com/advisories/21125
https://securityreason.com/achievement_securityalert/37
https://securityreason.com/securityalert/678
https://securitytracker.com/id?1015882
https://us.php.net/releases/5_1_3.php
https://www.mandriva.com/security/advisories?name=MDKSA-2006:074
https://www.osvdb.org/24487
https://www.securityfocus.com/archive/1/430461/100/0/threaded
https://www.securityfocus.com/archive/1/440869/100/0/threaded
https://www.securityfocus.com/archive/1/441210/100/0/threaded
https://www.securityfocus.com/bid/17439
https://www.ubuntu.com/usn/usn-320-1
https://www.vupen.com/english/advisories/2006/1290
https://exchange.xforce.ibmcloud.com/vulnerabilities/25706


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

57) Input validation error

EUVDB-ID: #VU110490

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2006-1490

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safety" issue. NOTE: this issue has been referred to as a "memory leak," but it is an information leak that discloses memory contents.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 5.1.2

External links

https://bugs.gentoo.org/show_bug.cgi?id=127939
https://cvs.php.net/viewcvs.cgi/php-src/ext/standard/html.c?r1=1.112&r2=1.113
https://cvs.php.net/viewcvs.cgi/php-src/ext/standard/html.c?view=log
https://www.securityfocus.com/bid/17296
https://secunia.com/advisories/19383
https://secunia.com/advisories/19499
https://www.trustix.org/errata/2006/0020
https://secunia.com/advisories/19570
https://rhn.redhat.com/errata/RHSA-2006-0276.html
https://secunia.com/advisories/19832
https://www.novell.com/linux/security/advisories/05-05-2006.html
https://security.gentoo.org/glsa/glsa-200605-08.xml
https://support.avaya.com/elmodocs2/security/ASA-2006-129.htm
https://secunia.com/advisories/20951
https://www.ubuntu.com/usn/usn-320-1
https://docs.info.apple.com/article.html?artnum=304829
https://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
https://www.us-cert.gov/cas/techalerts/TA06-333A.html
https://secunia.com/advisories/23155
ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc
https://secunia.com/advisories/19979
https://secunia.com/advisories/20052
https://secunia.com/advisories/20210
https://secunia.com/advisories/21125
https://www.mandriva.com/security/advisories?name=MDKSA-2006:063
https://www.vupen.com/english/advisories/2006/1149
https://www.vupen.com/english/advisories/2006/4750
https://www.vupen.com/english/advisories/2006/2685
https://exchange.xforce.ibmcloud.com/vulnerabilities/25508
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11084
https://www.securityfocus.com/archive/1/429164/100/0/threaded
https://www.securityfocus.com/archive/1/429162/100/0/threaded


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

58) Input validation error

EUVDB-ID: #VU110492

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2006-1015

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mail function, allows remote attackers to read and create arbitrary files via the sendmail -C and -X arguments. NOTE: it could be argued that this is a class of technology-specific vulnerability, instead of a particular instance; if so, then this should not be included in CVE.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 5.1.2

External links

https://secunia.com/advisories/19979
https://securityreason.com/securityalert/517
https://www.novell.com/linux/security/advisories/05-05-2006.html
https://www.securityfocus.com/archive/1/426497/100/0/threaded
https://www.securityfocus.com/bid/16878


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

59) Input validation error

EUVDB-ID: #VU110493

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2006-1017

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote attackers to obtain access to an IMAP stream data structure and conduct unauthorized IMAP actions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 5.1.4

External links

https://bugs.php.net/bug.php?id=37265
https://secunia.com/advisories/18694
https://secunia.com/advisories/21050
https://secunia.com/advisories/21546
https://securityreason.com/securityalert/516
https://www.mandriva.com/security/advisories?name=MDKSA-2006:122
https://www.osvdb.org/23535
https://www.php.net/ChangeLog-5.php#5.1.5
https://www.php.net/release_5_1_5.php
https://www.securityfocus.com/archive/1/426339/100/0/threaded
https://www.vupen.com/english/advisories/2006/0772
https://exchange.xforce.ibmcloud.com/vulnerabilities/24964


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Input validation error

EUVDB-ID: #VU110498

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2005-3883

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to corrupt data.

CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.6 - 5.0.5

External links

ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc
https://bugs.php.net/bug.php?id=35307
https://rhn.redhat.com/errata/RHSA-2006-0276.html
https://secunia.com/advisories/17763
https://secunia.com/advisories/18054
https://secunia.com/advisories/18198
https://secunia.com/advisories/19832
https://secunia.com/advisories/20210
https://secunia.com/advisories/20951
https://securitytracker.com/id?1015296
https://support.avaya.com/elmodocs2/security/ASA-2006-129.htm
https://www.mandriva.com/security/advisories?name=MDKSA-2005:238
https://www.php.net/release_5_1_0.php
https://www.securityfocus.com/archive/1/419504/100/0/threaded
https://www.securityfocus.com/bid/15571
https://www.turbolinux.com/security/2006/TLSA-2006-38.txt
https://www.vupen.com/english/advisories/2006/2685
https://exchange.xforce.ibmcloud.com/vulnerabilities/23270
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10332
https://www.ubuntu.com/usn/usn-232-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Cross-site scripting

EUVDB-ID: #VU110500

Risk: Medium

CVSSv4.0: N/A

CVE-ID: CVE-2005-3388

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to perform cross-site scripting attacks.

An input validation error exists in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5. A remote authenticated attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the victim's browser in the security context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.0.5

External links

https://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
https://rhn.redhat.com/errata/RHSA-2006-0549.html
https://secunia.com/advisories/17371
https://secunia.com/advisories/17490
https://secunia.com/advisories/17510
https://secunia.com/advisories/17531
https://secunia.com/advisories/17557
https://secunia.com/advisories/17559
https://secunia.com/advisories/18198
https://secunia.com/advisories/18669
https://secunia.com/advisories/21252
https://secunia.com/advisories/22691
https://securityreason.com/securityalert/133
https://securitytracker.com/id?1015130
https://support.avaya.com/elmodocs2/security/ASA-2006-037.htm
https://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html
https://www.gentoo.org/security/en/glsa/glsa-200511-08.xml
https://www.hardened-php.net/advisory_182005.77.html
https://www.mandriva.com/security/advisories?name=MDKSA-2005:213
https://www.novell.com/linux/security/advisories/2005_27_sr.html
https://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html
https://www.php.net/release_4_4_1.php
https://www.redhat.com/support/errata/RHSA-2005-831.html
https://www.redhat.com/support/errata/RHSA-2005-838.html
https://www.securityfocus.com/archive/1/415292
https://www.securityfocus.com/bid/15248
https://www.turbolinux.com/security/2006/TLSA-2006-38.txt
https://www.vupen.com/english/advisories/2005/2254
https://www.vupen.com/english/advisories/2006/4320
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIRZJHM6UDNWNHZ3PCMEZ2YUK3CWY2UE/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10542
https://www.ubuntu.com/usn/usn-232-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

62) Input validation error

EUVDB-ID: #VU110501

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2005-3389

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to corrupt data.

The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that enables register_globals and allows attackers to exploit vulnerabilities in PHP applications that would otherwise be protected.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.0.5

External links

https://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
https://rhn.redhat.com/errata/RHSA-2006-0549.html
https://secunia.com/advisories/17371
https://secunia.com/advisories/17490
https://secunia.com/advisories/17510
https://secunia.com/advisories/17531
https://secunia.com/advisories/17557
https://secunia.com/advisories/17559
https://secunia.com/advisories/18054
https://secunia.com/advisories/18198
https://secunia.com/advisories/18669
https://secunia.com/advisories/21252
https://secunia.com/advisories/22691
https://securityreason.com/securityalert/134
https://securitytracker.com/id?1015131
https://support.avaya.com/elmodocs2/security/ASA-2006-037.htm
https://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html
https://www.gentoo.org/security/en/glsa/glsa-200511-08.xml
https://www.hardened-php.net/advisory_192005.78.html
https://www.mandriva.com/security/advisories?name=MDKSA-2005:213
https://www.novell.com/linux/security/advisories/2005_27_sr.html
https://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html
https://www.php.net/release_4_4_1.php
https://www.redhat.com/support/errata/RHSA-2005-831.html
https://www.redhat.com/support/errata/RHSA-2005-838.html
https://www.securityfocus.com/archive/1/415291
https://www.securityfocus.com/archive/1/419504/100/0/threaded
https://www.securityfocus.com/bid/15249
https://www.turbolinux.com/security/2006/TLSA-2006-38.txt
https://www.vupen.com/english/advisories/2005/2254
https://www.vupen.com/english/advisories/2006/4320
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11481
https://www.ubuntu.com/usn/usn-232-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Input validation error

EUVDB-ID: #VU110502

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2005-3390

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is enabled, allows remote attackers to modify the GLOBALS array and bypass security protections of PHP applications via a multipart/form-data POST request with a "GLOBALS" fileupload field.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 5.0.5

CPE2.3 External links

https://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
https://rhn.redhat.com/errata/RHSA-2006-0549.html
https://secunia.com/advisories/17371
https://secunia.com/advisories/17490
https://secunia.com/advisories/17510
https://secunia.com/advisories/17531
https://secunia.com/advisories/17557
https://secunia.com/advisories/17559
https://secunia.com/advisories/18054
https://secunia.com/advisories/18198
https://secunia.com/advisories/18669
https://secunia.com/advisories/21252
https://secunia.com/advisories/22691
https://securityreason.com/securityalert/132
https://securitytracker.com/id?1015129
https://support.avaya.com/elmodocs2/security/ASA-2006-037.htm
https://www.fedoralegacy.org/updates/FC2/2005-11-28-FLSA_2005_166943__Updated_php_packages_fix_security_issues.html
https://www.gentoo.org/security/en/glsa/glsa-200511-08.xml
https://www.hardened-php.net/advisory_202005.79.html
https://www.hardened-php.net/globals-problem
https://www.mandriva.com/security/advisories?name=MDKSA-2005:213
https://www.novell.com/linux/security/advisories/2005_27_sr.html
https://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html
https://www.php.net/release_4_4_1.php
https://www.redhat.com/support/errata/RHSA-2005-831.html
https://www.redhat.com/support/errata/RHSA-2005-838.html
https://www.securityfocus.com/archive/1/415290/30/0/threaded
https://www.securityfocus.com/archive/1/419504/100/0/threaded
https://www.securityfocus.com/bid/15250
https://www.vupen.com/english/advisories/2005/2254
https://www.vupen.com/english/advisories/2006/4320
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10537
https://www.ubuntu.com/usn/usn-232-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

64) Input validation error

EUVDB-ID: #VU110503

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2005-3391

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safe_mode and open_basedir restrictions via unknown attack vectors in (1) ext/curl and (2) ext/gd.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 4.4

CPE2.3 External links

https://docs.info.apple.com/article.html?artnum=303382
https://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
https://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html
https://secunia.com/advisories/17371
https://secunia.com/advisories/17510
https://secunia.com/advisories/18054
https://secunia.com/advisories/18198
https://secunia.com/advisories/18763
https://secunia.com/advisories/19064
https://secunia.com/advisories/22691
https://securityreason.com/securityalert/525
https://www.gentoo.org/security/en/glsa/glsa-200511-08.xml
https://www.openpkg.org/security/OpenPKG-SA-2005.027-php.html
https://www.osvdb.org/20898
https://www.php.net/release_4_4_1.php
https://www.securityfocus.com/archive/1/419504/100/0/threaded
https://www.securityfocus.com/bid/15411
https://www.securityfocus.com/bid/16907
https://www.us-cert.gov/cas/techalerts/TA06-062A.html
https://www.vupen.com/english/advisories/2005/2254
https://www.vupen.com/english/advisories/2006/0791
https://www.vupen.com/english/advisories/2006/4320
https://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:035
https://www.ubuntu.com/usn/usn-232-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Input validation error

EUVDB-ID: #VU110504

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2005-3392

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 4.4

CPE2.3 External links

https://docs.info.apple.com/article.html?artnum=303382
https://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
https://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html
https://secunia.com/advisories/17371
https://secunia.com/advisories/17510
https://secunia.com/advisories/18054
https://secunia.com/advisories/18198
https://secunia.com/advisories/19064
https://secunia.com/advisories/22691
https://securityreason.com/securityalert/525
https://www.gentoo.org/security/en/glsa/glsa-200511-08.xml
https://www.osvdb.org/20897
https://www.php.net/release_4_4_1.php
https://www.securityfocus.com/archive/1/419504/100/0/threaded
https://www.securityfocus.com/bid/15413
https://www.securityfocus.com/bid/16907
https://www.us-cert.gov/cas/techalerts/TA06-062A.html
https://www.vupen.com/english/advisories/2005/2254
https://www.vupen.com/english/advisories/2006/0791
https://www.vupen.com/english/advisories/2006/4320
https://exchange.xforce.ibmcloud.com/vulnerabilities/22924
https://www.ubuntu.com/usn/usn-232-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Input validation error

EUVDB-ID: #VU110505

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2005-3319

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform service disruption.

The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 final and 4.4 before 4.4.1 final allows attackers to cause a denial of service (segmentation fault) via the session.save_path option in a .htaccess file or VirtualHost.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5.0.5

CPE2.3 External links

https://archives.neohapsis.com/archives/fulldisclosure/2005-10/0491.html
https://bugs.gentoo.org/show_bug.cgi?id=107602
https://docs.info.apple.com/article.html?artnum=303382
https://itrc.hp.com/service/cki/docDisplay.do?docId=c00786522
https://lists.apple.com/archives/security-announce/2006/Mar/msg00000.html
https://marc.info/?l=bugtraq&m=113019286208204&w=2
https://secunia.com/advisories/17510
https://secunia.com/advisories/17557
https://secunia.com/advisories/18198
https://secunia.com/advisories/19064
https://secunia.com/advisories/22691
https://securityreason.com/securityalert/525
https://www.gentoo.org/security/en/glsa/glsa-200511-08.xml
https://www.mandriva.com/security/advisories?name=MDKSA-2005:213
https://www.osvdb.org/20491
https://www.securityfocus.com/bid/15177
https://www.securityfocus.com/bid/16907
https://www.us-cert.gov/cas/techalerts/TA06-062A.html
https://www.vupen.com/english/advisories/2006/0791
https://www.vupen.com/english/advisories/2006/4320
https://exchange.xforce.ibmcloud.com/vulnerabilities/22844
https://www.ubuntu.com/usn/usn-232-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Input validation error

EUVDB-ID: #VU110513

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2004-1019

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 5.0.2

CPE2.3 External links

https://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html
https://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html
https://marc.info/?l=bugtraq&m=110314318531298&w=2
https://msgs.securepoint.com/cgi-bin/get/bugtraq0412/157.html
https://www.hardened-php.net/advisories/012004.txt
https://www.mandriva.com/security/advisories?name=MDKSA-2004:151
https://www.novell.com/linux/security/advisories/2005_02_php4_mod_php4.html
https://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
https://www.php.net/release_4_3_10.php
https://www.redhat.com/support/errata/RHSA-2004-687.html
https://www.redhat.com/support/errata/RHSA-2005-032.html
https://www.redhat.com/support/errata/RHSA-2005-816.html
https://www.securityfocus.com/advisories/9028
https://bugzilla.fedora.us/show_bug.cgi?id=2344
https://exchange.xforce.ibmcloud.com/vulnerabilities/18514
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10511


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Input validation error

EUVDB-ID: #VU110517

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2004-1065

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 5.0.2

CPE2.3 External links

https://msgs.securepoint.com/cgi-bin/get/bugtraq0412/157.html
https://www.mandriva.com/security/advisories?name=MDKSA-2004:151
https://www.novell.com/linux/security/advisories/2005_02_php4_mod_php4.html
https://www.php.net/release_4_3_10.php
https://www.redhat.com/support/errata/RHSA-2004-687.html
https://www.redhat.com/support/errata/RHSA-2005-032.html
https://www.securityfocus.com/advisories/9028
https://bugzilla.fedora.us/show_bug.cgi?id=2344
https://exchange.xforce.ibmcloud.com/vulnerabilities/18517
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10877


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Cross-site scripting

EUVDB-ID: #VU110523

Risk: Medium

CVSSv4.0: N/A

CVE-ID: CVE-2004-0595

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: Yes

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. The vulnerability allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 5

CPE2.3 External links

https://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000847
https://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023909.html
https://marc.info/?l=bugtraq&m=108981780109154&w=2
https://marc.info/?l=bugtraq&m=108982983426031&w=2
https://marc.info/?l=bugtraq&m=109051444105182&w=2
https://marc.info/?l=bugtraq&m=109181600614477&w=2
https://www.debian.org/security/2004/dsa-531
https://www.debian.org/security/2005/dsa-669
https://www.gentoo.org/security/en/glsa/glsa-200407-13.xml
https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:068
https://www.novell.com/linux/security/advisories/2004_21_php4.html
https://www.redhat.com/support/errata/RHSA-2004-392.html
https://www.redhat.com/support/errata/RHSA-2004-395.html
https://www.redhat.com/support/errata/RHSA-2004-405.html
https://www.redhat.com/support/errata/RHSA-2005-816.html
https://www.securityfocus.com/bid/10724
https://exchange.xforce.ibmcloud.com/vulnerabilities/16692
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10619


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

70) Input validation error

EUVDB-ID: #VU110526

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2003-0860

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 4.3.2

CPE2.3 External links

https://www.php.net/ChangeLog-4.php#4.3.3
https://www.php.net/release_4_3_3.php


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Input validation error

EUVDB-ID: #VU110527

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2003-0861

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Integer overflows in (1) base64_encode and (2) the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 4.3.2

CPE2.3 External links

https://www.php.net/ChangeLog-4.php#4.3.3
https://www.php.net/release_4_3_3.php


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Input validation error

EUVDB-ID: #VU110530

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2003-0166

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

An integer signedness error in the emalloc() function in PHP before 4.3.2 allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.0.0 - 4.3.1

CPE2.3 External links

https://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000691
https://marc.info/?l=bugtraq&m=104869828526885&w=2
https://marc.info/?l=bugtraq&m=104878100719467&w=2
https://marc.info/?l=bugtraq&m=104931415307111&w=2
https://www.securityfocus.com/bid/7197
https://www.securityfocus.com/bid/7198


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

73) Input validation error

EUVDB-ID: #VU110533

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2002-1396

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 4.1.2 - 4.2.3

CPE2.3 External links

https://archives.neohapsis.com/archives/linux/engarde/2003-q1/0003.html
https://bugs.php.net/bug.php?id=20927
https://marc.info/?l=bugtraq&m=104102689503192&w=2
https://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:019
https://www.novell.com/linux/security/advisories/2003_009_mod_php4.html
https://www.redhat.com/support/errata/RHSA-2003-017.html
https://www.securityfocus.com/advisories/4862
https://www.securityfocus.com/bid/6488
https://exchange.xforce.ibmcloud.com/vulnerabilities/10944


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Input validation error

EUVDB-ID: #VU110534

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2002-1783

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to corrupt data.

CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or (2) file functions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0.14 - 4.2.3

CPE2.3 External links

https://archives.neohapsis.com/archives/bugtraq/2002-09/0086.html
https://archives.neohapsis.com/archives/bugtraq/2002-09/0132.html
https://www.debian.org/security/2002/dsa-168
https://www.securityfocus.com/bid/5681
https://exchange.xforce.ibmcloud.com/vulnerabilities/10080


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Input validation error

EUVDB-ID: #VU110537

Risk: Medium

CVSSv4.0: N/A

CVE-ID: CVE-2002-2215

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows remote attackers to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 4.2.2

CPE2.3 External links

https://bugs.php.net/bug.php?id=19280
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175040


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Resource management error

EUVDB-ID: #VU110538

Risk: Medium

CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2002-2309

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0.1 - 4.2.2

CPE2.3 External links

https://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000605.html
https://online.securityfocus.com/archive/1/283586
https://www.iss.net/security_center/static/9646.php
https://www.securityfocus.com/bid/5280


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

77) Input validation error

EUVDB-ID: #VU110540

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2002-0986

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to corrupt data.

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0.18 - 4.2.2

CPE2.3 External links

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-008.0.txt
https://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000545
https://marc.info/?l=bugtraq&m=103011916928204&w=2
https://marc.info/?l=bugtraq&m=105760591228031&w=2
https://www.debian.org/security/2002/dsa-168
https://www.kb.cert.org/vuls/id/410609
https://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:082
https://www.novell.com/linux/security/advisories/2002_036_modphp4.html
https://www.osvdb.org/2160
https://www.redhat.com/support/errata/RHSA-2002-213.html
https://www.redhat.com/support/errata/RHSA-2002-214.html
https://www.redhat.com/support/errata/RHSA-2002-243.html
https://www.redhat.com/support/errata/RHSA-2002-244.html
https://www.redhat.com/support/errata/RHSA-2002-248.html
https://www.redhat.com/support/errata/RHSA-2003-159.html
https://www.securityfocus.com/bid/5562
https://exchange.xforce.ibmcloud.com/vulnerabilities/9959


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Input validation error

EUVDB-ID: #VU110541

Risk: Medium

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2002-0484

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote non-authenticated attacker to corrupt data.

move_uploaded_file in PHP does not check for the base directory (open_basedir), which could allow remote attackers to upload files to unintended locations on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

PHP: 3.0 - 4.1.2

CPE2.3 External links

https://bugs.php.net/bug.php?id=16128
https://marc.info/?l=bugtraq&m=101683938806677&w=2
https://online.securityfocus.com/archive/1/262999
https://online.securityfocus.com/archive/1/263259
https://www.iss.net/security_center/static/8591.php
https://www.securityfocus.com/bid/4325


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.


