PHP — популярный язык сценариев общего назначения, особенно подходящий для веб-разработки.

fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not p ...

fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory.

Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count.

PHP 4 (PHP4) allows attackers to cause a denial of service (daemon crash) by using the readfile function on a file whose size is a multiple of the page size.

The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek.

The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value.

PHP 4 (PHP4) allows attackers to cause a denial of service (daemon cra ...

Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP ...

The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 a ...

The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 an ...