PHP — популярный язык сценариев общего назначения, особенно подходящий для веб-разработки.
Релизный цикл, информация об уязвимостях
График релизов
Количество 3 883
CVE-2006-1990
Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396.
CVE-2006-1991
The substr_compare function in string.c in PHP 5.1.2 allows context-de ...
CVE-2006-1990
Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and ...
CVE-2006-1990
Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396.
CVE-2006-1991
The substr_compare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service (memory access violation) via an out-of-bounds offset argument.
CVE-2006-1990
Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396.
CVE-2006-1549
PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation fault) by defining and executing a recursive function. NOTE: it has been reported by a reliable third party that some later versions are also affected.
CVE-2006-1549
PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation ...
CVE-2006-1549
PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation fault) by defining and executing a recursive function. NOTE: it has been reported by a reliable third party that some later versions are also affected.
CVE-2006-1608
The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
 | CVE-2006-1990 Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396. | CVSS2: 5 | 1% Низкий | почти 20 лет назад |
| CVE-2006-1991 The substr_compare function in string.c in PHP 5.1.2 allows context-de ... | CVSS2: 6.4 | 4% Низкий | почти 20 лет назад |
| CVE-2006-1990 Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and ... | CVSS2: 5 | 1% Низкий | почти 20 лет назад |
 | CVE-2006-1990 Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396. | CVSS2: 5 | 1% Низкий | почти 20 лет назад |
| CVE-2006-1991 The substr_compare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service (memory access violation) via an out-of-bounds offset argument. | CVSS2: 6.4 | 4% Низкий | почти 20 лет назад |
 | CVE-2006-1990 Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396. | 1% Низкий | почти 20 лет назад | |
| CVE-2006-1549 PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation fault) by defining and executing a recursive function. NOTE: it has been reported by a reliable third party that some later versions are also affected. | CVSS2: 2.1 | 0% Низкий | почти 20 лет назад |
| CVE-2006-1549 PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation ... | CVSS2: 2.1 | 0% Низкий | почти 20 лет назад |
| CVE-2006-1549 PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation fault) by defining and executing a recursive function. NOTE: it has been reported by a reliable third party that some later versions are also affected. | CVSS2: 2.1 | 0% Низкий | почти 20 лет назад |
| CVE-2006-1608 The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI. | CVSS2: 2.1 | 1% Низкий | почти 20 лет назад |
Уязвимостей на страницу