SUSE CVE-2007-1884

Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via 1 certain negative argument numbers that arise in the phpformattedprint function because of 64 to 32 bit...

SUSE CVE-2007-3790

The comprinttypeinfo function in the bz2 extension in PHP 5.2.3 allows context-dependent attackers to cause a denial of service via a long argument...

SUSE CVE-2007-4652

The session extension in PHP before 5.2.4 might allow local users to bypass openbasedir restrictions via a session file that is a symlink...

SUSE CVE-2007-4889

The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safemode and openbasedir restrictions via the MySQL 1 LOADFILE, 2 INTO DUMPFILE, and 3 INTO OUTFILE functions, a different issue than CVE-2007-3997...

SUSE CVE-2007-5898

The 1 htmlentities and 2 htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465...

SUSE CVE-2008-1384

Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the phpsprintfappendstring function in formattedprint.c and probably other...

SUSE CVE-2008-2829

phpimap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c legacy routine buffer overflow" error message, related...

SUSE CVE-2008-3660

PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service crash via a request with multiple dots preceding the extension, as demonstrated using foo..php...

SUSE CVE-2009-3293

Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect "sanity check for the color index."...

SUSE CVE-2009-3557

The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safemode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments...

SUSE CVE-2009-4017

PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service resource exhaustion, and makes it easier for remote attackers to exploit local file inclusi...

SUSE CVE-2010-0397

The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpcdecoderequest function, which allows context-dependent attackers to cause a denial of service NULL pointer dereference and application crash and possibly have unspecified oth...

SUSE CVE-2010-1128

The Linear Congruential Generator LCG in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function...

SUSE CVE-2010-1129

The safemode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / slash character, which allows context-dependent attackers to bypass intended access restrictions via vectors related to use of the tempnam function...

SUSE CVE-2010-1868

The 1 sqlitesinglequery and 2 sqlitearrayquery functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by calling these functions with an empty SQL query, which triggers access of uninitialized memory...

SUSE CVE-2010-2101

The 1 striptags, 2 setcookie, 3 strtok, 4 wordwrap, 5 strwordcount, and 6 strpad functions in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents by causing a userspace interruption of an internal function, related to the...

SUSE CVE-2010-3063

The phpmysqlndreaderrorfromline function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used...

SUSE CVE-2010-3062

mysqlndwireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to 1 read sensitive memory via a modified length value, which is not properly handled by the phpmysqlndokread function; or 2 trigger a heap-based buffer overflow via a modified length value, which is n...

SUSE CVE-2010-4409

Integer overflow in the NumberFormatter::getSymbol aka numfmtgetsymbol function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service application crash via an invalid argument...

SUSE CVE-2010-4698

Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 allows context-dependent attackers to cause a denial of service application crash via a large number of anti-aliasing steps in an argument to the imagepstext function...