Php@4.2.0 Security Vulnerabilities and Issues — Php@4.2.0 CVE List

Lucene search

PhpPhp4.2.0

17 matches found

CVE•added 2006/06/13 6:2 p.m.•1075 views

CVE-2006-2660

Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x before 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents a unique string from being appended to the f...

2.1CVSS6AI score0.00275EPSS

CVE•added 2006/10/10 4:6 a.m.•102 views

CVE-2006-4812

Integer overflow in PHP 5 up to 5.1.6 and 4 before 4.3.0 allows remote attackers to execute arbitrary code via an argument to the unserialize PHP function with a large value for the number of array elements, which triggers the overflow in the Zend Engine ecalloc function (Zend/zend_alloc.c).

10CVSS7.9AI score0.38404EPSS

CVE•added 2006/09/12 4:7 p.m.•82 views

CVE-2006-4625

PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults.

3.6CVSS6AI score0.00251EPSS

CVE•added 2006/03/07 12:2 a.m.•81 views

CVE-2006-1017

The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote attackers to obtain acces...

9.3CVSS6.3AI score0.05487EPSS

CVE•added 2006/06/14 11:2 p.m.•75 views

CVE-2006-3017

zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant opera...

9.3CVSS6AI score0.04833EPSS

CVE•added 2006/08/08 8:4 p.m.•75 views

CVE-2006-4020

scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execute arbitrary code via a sscanf PHP function call that performs argument swapping, which increments an index past the end of an array and triggers a buffer over-read.

4.6CVSS7.3AI score0.05977EPSS

CVE•added 2006/01/13 11:3 p.m.•73 views

CVE-2006-0208

Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message.

2.6CVSS5.5AI score0.03288EPSS

CVE•added 2006/03/29 9:6 p.m.•71 views

CVE-2006-1490

PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary data sent to a script that processes user input in the html_entity_decode function and sends the encoded results back to the client, aka a "binary safety" issue. NOTE: this issue has been referred to a...

5CVSS6AI score0.33827EPSS

CVE•added 2006/06/14 10:0 p.m.•65 views

CVE-2003-1302

The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via an e-mail message with a (1) To or (2) From header with an address that contains a large number of "" (backslash) characters.

5CVSS6.8AI score0.00667EPSS

CVE•added 2006/04/10 7:2 p.m.•64 views

CVE-2006-1494

Directory traversal vulnerability in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass open_basedir restrictions allows remote attackers to create files in arbitrary directories via the tempnam function.

2.6CVSS6.4AI score0.04053EPSS

CVE•added 2006/06/26 9:5 p.m.•64 views

CVE-2006-3011

The error_log function in basic_functions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode.

4.6CVSS6AI score0.00467EPSS

CVE•added 2006/06/14 10:0 p.m.•61 views

CVE-2002-2215

The imap_header function in the IMAP functionality for PHP before 4.3.0 allows remote attackers to cause a denial of service via an e-mail message with a large number of "To" addresses, which triggers an error in the rfc822_write_address function.

5CVSS6.7AI score0.00667EPSS

CVE•added 2006/04/10 7:2 p.m.•61 views

CVE-2006-1608

The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.

2.1CVSS6.1AI score0.00253EPSS

CVE•added 2006/06/14 10:0 p.m.•56 views

CVE-2002-2214

The php_if_imap_mime_header_decode function in the IMAP functionality in PHP before 4.2.2 allows remote attackers to cause a denial of service (crash) via an e-mail header with a long "To" header.

5CVSS6.7AI score0.00776EPSS

CVE•added 2006/10/10 4:6 a.m.•56 views

CVE-2006-5178

Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by the underlying system, as de...

6.2CVSS6.2AI score0.00059EPSS

CVE•added 2006/03/07 12:2 a.m.•55 views

CVE-2006-1015

Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mail function, allows remote attackers to read and create arbitrary files via the sendmail -C and -X arguments. NOTE:...

6.4CVSS6.8AI score0.03867EPSS

CVE•added 2006/08/29 12:4 a.m.•50 views

CVE-2006-4433

PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier (PHPSESSID) for third party session handlers, which might make it easier for remote attackers to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, which is stored in the session fi...

7.5CVSS6.8AI score0.0164EPSS