SUSE CVE-2010-2191

The 1 parsestr, 2 pregmatch, 3 unpack, and 4 pack functions; the 5 ZENDFETCHRW, 6 ZENDCONCAT, and 7 ZENDASSIGNCONCAT opcodes; and the 8 ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents or...

php: session serializer session data injection vulnerability (MOPS-2010-060)

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name...

PT-2010-4084 · Php +1 · Php +1

Name of the Vulnerable Software and Affected Versions: PHP versions 5.2.0 through 5.2.13 PHP versions 5.3.0 through 5.3.2 Description: The issue allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution time, or recursion, due to the...

No title provided

The JSONparser function ext/json/JSONparser.c in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service segmentation fault via a malformed string to the jsondecode API function...

security flaw

Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors...