4 matches found
CVE-2011-3182
PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service NULL pointer dereference and application crash or trigger a buffer overflow by leveraging the ability to provide a...
CVE-2011-3182
PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service NULL pointer dereference and application crash or trigger a buffer overflow by leveraging the ability to provide a...
Cross site scripting
The popen API function in TSRM/tsrmwin32.c in PHP before 5.2.11 and 5.3.x before 5.3.1, when running on certain Windows operating systems, allows context-dependent attackers to cause a denial of service crash via a crafted 1 "e" or 2 "er" string in the second argument aka mode, possibly related t...
CVE-2009-3294
CVE-2009-3294 affects PHP prior to 5.2.11 and 5.3.x prior to 5.3.1. The vulnerability is in the popen API (TSRM/tsrm_win32.c) on certain Windows OSes, where a crafted second argument (mode) of either "e" or "er" can cause a denial of service (crash) and may involve the Microsoft C runtime’s _fdop...