51 matches found
CentOS 3 / 4 : php (CESA-2005:831)
Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...
Ubuntu 4.10 / 5.04 / 5.10 : php4, php5 vulnerabilities (USN-232-1)
Eric Romang discovered a local Denial of Service vulnerability in the handling of the 'session.save_path' parameter in PHP's Apache 2.0 module. By setting this parameter to an invalid value in an .htaccess file, a local user could crash the Apache server. (CVE-2005-3319) A Denial of Service flaw was...
Mandrake Linux Security Advisory : php (MDKSA-2005:213)
A number of vulnerabilities were discovered in PHP: An issue with fopen_wrappers.c would not properly restrict access to other directories when the open_basedir directive included a trailing slash (CVE-2005-3054)...
USN-232-1: PHP vulnerabilities
Eric Romang discovered a local Denial of Service vulnerability in the handling of the 'session.save_path' parameter in PHP's Apache 2.0 module. By setting this parameter to an invalid value in an .htaccess file, a local user could crash the Apache server. (CVE-2005-3319) A Denial of Service flaw was...
RHEL 3 / 4 : php (RHSA-2005:831)
Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...
Fedora Core 4 : php-5.0.4-10.5 (2005-1062)
This update includes several security fixes: - fixes to prevent malicious requests from overwriting the GLOBALS array (CVE-2005-3390) - a fix to stop the parse_str function from enabling the register_globals setting (CVE-2005-3389) - fixes for Cross-Site Scripting flaws in the phpinfo output...
php security update
CentOS Errata and Security Advisory CESA-2005:1110-001 Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded...
CVE-2005-3389
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting, which causes PHP to set an internal flag that...
CVE-2005-3389
Technical details about CVE-2005-3389 (affected PHP versions, exploit scenarios, and patches) are not publicly provided in the connected documents. Monitor for updates from vendors/OSVs for concrete remediation status.
[Full-disclosure] Advisory 19/2005: PHP register_globals Activation Vulnerability in parse_str()
Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: PHP register_globals Activation Vulnerability in parse_str Release Date: 2005/10/31 Last Modified: 2005/10/31 Author: Stefan Esser [email protected] Application: PHP4 =...
CVE-2026-46626: SymfonyRuntime CVE-2024-50340 Patch Bypass: Web Requests Can Still Set APP_ENV/APP_DEBUG via parse_str/SAPI Argv Mismatch
More info at https://symfony.com/cve-2026-46626...