Lucene search
K

73 matches found

UbuntuCve
UbuntuCve
added 2010/10/25 12:0 a.m.32 views

CVE-2010-3710

Stack consumption vulnerability in the filtervar function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTERVALIDATEEMAIL mode is used, allows remote attackers to cause a denial of service memory consumption and application crash via a long e-mail address string...

4.3CVSS7AI score0.03091EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2010/08/20 12:0 a.m.30 views

CVE-2010-2484

The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent attackers to obtain sensitive information memory contents or trigger memory corruption by causing a userspace interruption of an internal function or handler...

5CVSS5.9AI score0.01827EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/08/04 12:0 a.m.189 views

PHP 5.2 < 5.2.14 Multiple Vulnerabilities

According to its banner, the version of PHP 5.2 installed on the remote host is older than 5.2.14. Such versions may be affected by several security issues : - An error exists when processing invalid XML-RPC requests that can lead to a NULL pointer dereference. bug 51288 CVE-2010-0397 - An error...

9.3CVSS8.9AI score0.11528EPSS
Exploits19References16
UbuntuCve
UbuntuCve
added 2010/06/24 12:0 a.m.35 views

CVE-2010-2225

Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function...

7.5CVSS7.3AI score0.05342EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2010/06/08 12:30 a.m.23 views

CVE-2010-2190

The 1 trim, 2 ltrim, 3 rtrim, and 4 substrreplace functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents by causing a userspace interruption of an internal function, related to the call time pass by reference...

5CVSS5.9AI score0.01896EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2010/06/08 12:30 a.m.21 views

CVE-2010-2191

The 1 parsestr, 2 pregmatch, 3 unpack, and 4 pack functions; the 5 ZENDFETCHRW, 6 ZENDCONCAT, and 7 ZENDASSIGNCONCAT opcodes; and the 8 ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents or...

6.4CVSS5.9AI score0.02411EPSS
Exploits3References8
Cvelist
Cvelist
added 2010/06/07 8:0 p.m.28 views

CVE-2010-2191

The 1 parsestr, 2 pregmatch, 3 unpack, and 4 pack functions; the 5 ZENDFETCHRW, 6 ZENDCONCAT, and 7 ZENDASSIGNCONCAT opcodes; and the 8 ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents or...

9.4AI score0.02411EPSS
Exploits3References11
UbuntuCve
UbuntuCve
added 2010/05/27 10:30 p.m.24 views

CVE-2010-2101

The 1 striptags, 2 setcookie, 3 strtok, 4 wordwrap, 5 strwordcount, and 6 strpad functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents by causing a userspace interruption of an internal function, related to the...

5CVSS5.9AI score0.02403EPSS
Exploits2References7
CVE
CVE
added 2010/05/27 10:0 p.m.74 views

CVE-2010-2093

CVE-2010-2093 is a PHP use-after-free in the request shutdown path (stream context structure freed before destruction) that can cause a denial of service (crash) in PHP 5.2.x &lt; 5.2.13 and 5.3.x =5.3.8. No exploit details are provided in the documents, and in-wild exploitation status is not spe...

5CVSS8.9AI score0.01855EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2010/05/12 11:46 a.m.25 views

CVE-2010-1914

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the 1 ZENDBWXOR opcode shiftleftfunction, 2 ZENDSL opcode bitwisexorfunction, or 3 ZENDSR opcode shiftrightfunction, related to the...

5CVSS9.3AI score0.01427EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2010/05/12 12:0 a.m.30 views

CVE-2010-1914

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the 1 ZENDBWXOR opcode shiftleftfunction, 2 ZENDSL opcode bitwisexorfunction, or 3 ZENDSR opcode shiftrightfunction, related to the...

5CVSS5.9AI score0.01427EPSS
Exploits1References6
Cvelist
Cvelist
added 2010/05/12 12:0 a.m.28 views

CVE-2010-1914

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the 1 ZENDBWXOR opcode shiftleftfunction, 2 ZENDSL opcode bitwisexorfunction, or 3 ZENDSR opcode shiftrightfunction, related to the...

9.3AI score0.01427EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2010/05/12 12:0 a.m.33 views

CVE-2010-1917

Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service PHP crash via a crafted first argument to the fnmatch function, as demonstrated using a long string...

5CVSS5.8AI score0.03012EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2010/05/12 12:0 a.m.235 views

CVE-2010-1914

The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the handler for the 1 ZENDBWXOR opcode shiftleftfunction, 2 ZENDSL opcode bitwisexorfunction, or 3 ZENDSR opcode shiftrightfunction, related to the...

5CVSS4.1AI score0.01427EPSS
In wildExploits1References7
securityvulns
securityvulns
added 2010/05/11 12:0 a.m.36 views

MOPS-2010-010: PHP html_entity_decode&#40;&#41; Interruption Information Leak Vulnerability

MOPS-2010-010: PHP htmlentitydecode Interruption Information Leak Vulnerability May 6th, 2010 PHP’s htmlentitydecode function can be abused for information leak attacks, because of the call time pass by reference feature. Affected versions Affected is PHP 5.2 = 5.2.13 Affected is PHP 5.3 = 5.3.2...

Exploits0
securityvulns
securityvulns
added 2010/05/11 12:0 a.m.43 views

MOPS-2010-009: PHP shm_put_var&#40;&#41; Already Freed Resource Access Vulnerability

MOPS-2010-009: PHP shmputvar Already Freed Resource Access Vulnerability May 5th, 2010 When PHP’s shmputvar function is interrupted by an object’s sleep function it can destroy the shm resource used by this function which allows to write an arbitrary memory address. Affected versions Affected is...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2010/05/11 12:0 a.m.33 views

MOPS-2010-013: PHP sqlite_array_query&#40;&#41; Uninitialized Memory Usage Vulnerability

MOPS-2010-013: PHP sqlitearrayquery Uninitialized Memory Usage Vulnerability May 7th, 2010 PHP’s sqlitearrayquery function will use uninitialized memory if it is used with an empty SQL query. This can lead to arbitrary code execution. Affected versions Affected is PHP 5.2 = 5.2.13 Affected is PHP...

2AI score
Exploits0
UbuntuCve
UbuntuCve
added 2010/05/07 11:0 p.m.30 views

CVE-2010-1862

The chunksplit function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information memory contents by causing a userspace interruption of an internal function, related to the call time pass by reference feature...

5CVSS5.9AI score0.01189EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2010/05/07 11:0 p.m.25 views

CVE-2010-1861

The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to write to arbitrary memory addresses by using an object's sleep function to interrupt an internal call to the shmputvar function, which triggers access of a freed resource...

6.4CVSS6AI score0.01004EPSS
Exploits1References3
CVE
CVE
added 2010/05/07 10:0 p.m.83 views

CVE-2010-1862

CVE-2010-1862 affects PHP 5.2.x up to 5.2.13 and 5.3.x up to 5.3.2. The vulnerability is in the chunk_split function, allowing a context-dependent attacker to obtain memory contents by triggering an interruption of an internal function related to call-time pass by reference. Impact per sources: p...

5CVSS9AI score0.01189EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder