PHP < 4.4.5 Integer Overflow Vulnerability

PHP is prone to an integer overflow vulnerability because it fails to ensure that integer values aren SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

PHP 4.x < 4.4.5, 5.x < 5.2.1 Multiple Integer Overflow Vulnerabilities

PHP is prone to multiple integer overflow vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescriptio...

Integer overflow

Integer overflow in the strreplace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."...

Buffer overflow

Buffer overflow in the sqlitedecodebinary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqliteudfdecodebinary function with a...

CVE-2007-1711

CVE-2007-1711: PHP double-free vulnerability in session_decode() allows remote attackers to possibly execute arbitrary code as the apache user by passing crafted data. The initial entry specifies this flaw affects PHP 4.4.5 and 4.4.6 (introduced when patching CVE-2007-1701). Connected documents (...

PHP 4.4.4 - Zip_Entry_Read() Integer Overflow

PHP 4.4.4 - ZipEntryRead Integer Overflow source: https://www.securityfocus.com/bid/23169/info PHP is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to cause a heap-based buffer overflow. Exploiting this...

PHP < 4.4.5 / 5.2.1 (shmop Functions) Local Code Execution Exploit

Exploit for linux platform in category local exploits ================================================================== PHP 4.4.5 / 5.2.1 shmop Functions Local Code Execution Exploit ================================================================== ?php...

MOPB-10-2007:PHP php_binary Session Deserialization Information Leak Vulnerability

Summary The PHP session extension comes with a serialization handler called 'phpbinary' that is vulnerable to a heap information leak vulnerability. This security hole is the result of a missing boundary check and allows leaking up to 126 bytes following the serialized data into array keys of the...