PHP — популярный язык сценариев общего назначения, особенно подходящий для веб-разработки.
Релизный цикл, информация об уязвимостях
График релизов
Количество 3 768
CVE-2007-1886
Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2. ...
CVE-2007-1889
Integer signedness error in the _zend_mm_alloc_int function in the Zen ...
CVE-2007-1884
Multiple integer signedness errors in the printf function family in PH ...
CVE-2007-1887
Buffer overflow in the sqlite_decode_binary function in the bundled sq ...
CVE-2007-1888
Buffer overflow in the sqlite_decode_binary function in src/encode.c i ...
CVE-2007-1884
Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function because of 64 to 32 bit truncation, and bypass a check for the maximum allowable value; and (2) a width and precision of -1, which make it possible for the php_sprintf_appendstring function to place an internal buffer at an arbitrary memory location.
CVE-2007-1883
PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain convert_to_* functions with its input parameters.
CVE-2007-1887
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.
CVE-2007-1888
Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installations use a bundled version of sqlite without this vulnerability. The SQLite developer has argued that this issue could be due to a misuse of the sqlite_decode_binary() API.
CVE-2007-1890
Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1, on FreeBSD and possibly other platforms, allows context-dependent attackers to execute arbitrary code via certain maxsize values, as demonstrated by 0xffffffff.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2007-1886 Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2. ... | CVSS2: 6.8 | 1% Низкий | около 18 лет назад |
| CVE-2007-1889 Integer signedness error in the _zend_mm_alloc_int function in the Zen ... | CVSS2: 7.5 | 6% Низкий | около 18 лет назад |
| CVE-2007-1884 Multiple integer signedness errors in the printf function family in PH ... | CVSS2: 6.8 | 1% Низкий | около 18 лет назад |
| CVE-2007-1887 Buffer overflow in the sqlite_decode_binary function in the bundled sq ... | CVSS2: 7.5 | 2% Низкий | около 18 лет назад |
| CVE-2007-1888 Buffer overflow in the sqlite_decode_binary function in src/encode.c i ... | CVSS2: 7.5 | 3% Низкий | около 18 лет назад |
 | CVE-2007-1884 Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers that arise in the php_formatted_print function because of 64 to 32 bit truncation, and bypass a check for the maximum allowable value; and (2) a width and precision of -1, which make it possible for the php_sprintf_appendstring function to place an internal buffer at an arbitrary memory location. | CVSS2: 6.8 | 1% Низкий | около 18 лет назад |
| CVE-2007-1883 PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain convert_to_* functions with its input parameters. | CVSS2: 7.8 | 0% Низкий | около 18 лет назад |
| CVE-2007-1887 Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character. | CVSS2: 7.5 | 2% Низкий | около 18 лет назад |
| CVE-2007-1888 Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installations use a bundled version of sqlite without this vulnerability. The SQLite developer has argued that this issue could be due to a misuse of the sqlite_decode_binary() API. | CVSS2: 7.5 | 3% Низкий | около 18 лет назад |
| CVE-2007-1890 Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1, on FreeBSD and possibly other platforms, allows context-dependent attackers to execute arbitrary code via certain maxsize values, as demonstrated by 0xffffffff. | CVSS2: 7.5 | 4% Низкий | около 18 лет назад |
Уязвимостей на страницу