PHP — популярный язык сценариев общего назначения, особенно подходящий для веб-разработки.
Релизный цикл, информация об уязвимостях
График релизов
Количество 3 883
CVE-2007-1886
Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."
CVE-2007-1887
Buffer overflow in the sqlite_decode_binary function in the bundled sq ...
CVE-2007-1889
Integer signedness error in the _zend_mm_alloc_int function in the Zen ...
CVE-2007-1886
Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2. ...
CVE-2007-1888
Buffer overflow in the sqlite_decode_binary function in src/encode.c i ...
CVE-2007-1885
Integer overflow in the str_replace function in PHP 4 before 4.4.5 and ...
CVE-2007-1883
PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-depende ...
CVE-2007-1890
Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and ...
CVE-2007-1884
Multiple integer signedness errors in the printf function family in PH ...
CVE-2007-1888
Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installations use a bundled version of sqlite without this vulnerability. The SQLite developer has argued that this issue could be due to a misuse of the sqlite_decode_binary() API.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2007-1886 Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow." | CVSS2: 6.8 | 1% Низкий | почти 19 лет назад |
| CVE-2007-1887 Buffer overflow in the sqlite_decode_binary function in the bundled sq ... | CVSS2: 7.5 | 4% Низкий | почти 19 лет назад |
| CVE-2007-1889 Integer signedness error in the _zend_mm_alloc_int function in the Zen ... | CVSS2: 7.5 | 8% Низкий | почти 19 лет назад |
| CVE-2007-1886 Integer overflow in the str_replace function in PHP 4.4.5 and PHP 5.2. ... | CVSS2: 6.8 | 1% Низкий | почти 19 лет назад |
| CVE-2007-1888 Buffer overflow in the sqlite_decode_binary function in src/encode.c i ... | CVSS2: 7.5 | 5% Низкий | почти 19 лет назад |
| CVE-2007-1885 Integer overflow in the str_replace function in PHP 4 before 4.4.5 and ... | CVSS2: 7.5 | 2% Низкий | почти 19 лет назад |
| CVE-2007-1883 PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-depende ... | CVSS2: 7.8 | 1% Низкий | почти 19 лет назад |
| CVE-2007-1890 Integer overflow in the msg_receive function in PHP 4 before 4.4.5 and ... | CVSS2: 7.5 | 5% Низкий | почти 19 лет назад |
| CVE-2007-1884 Multiple integer signedness errors in the printf function family in PH ... | CVSS2: 6.8 | 2% Низкий | почти 19 лет назад |
 | CVE-2007-1888 Buffer overflow in the sqlite_decode_binary function in src/encode.c in SQLite 2, as used by PHP 4.x through 5.x and other applications, allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter. NOTE: some PHP installations use a bundled version of sqlite without this vulnerability. The SQLite developer has argued that this issue could be due to a misuse of the sqlite_decode_binary() API. | CVSS2: 7.5 | 5% Низкий | почти 19 лет назад |
Уязвимостей на страницу