PHP — популярный язык сценариев общего назначения, особенно подходящий для веб-разработки.

Релизный цикл, информация об уязвимостях

Продукт: PHP

Вендор: php

График релизов

Недавние уязвимости PHP

Количество 3 883

CVE-2005-0524

почти 21 год назад

The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value.

CVSS2: 5

EPSS: Низкий

CVE-2005-1042

почти 21 год назад

Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP ...

CVSS2: 7.5

EPSS: Низкий

CVE-2005-0524

почти 21 год назад

The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 an ...

CVSS2: 5

EPSS: Низкий

CVE-2005-0525

почти 21 год назад

The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 a ...

CVSS2: 5

EPSS: Низкий

CVE-2005-0596

почти 21 год назад

PHP 4 (PHP4) allows attackers to cause a denial of service (daemon cra ...

CVSS2: 2.1

EPSS: Низкий

CVE-2005-0596

почти 21 год назад

PHP 4 (PHP4) allows attackers to cause a denial of service (daemon crash) by using the readfile function on a file whose size is a multiple of the page size.

CVSS2: 2.1

EPSS: Низкий

CVE-2005-0524

почти 21 год назад

CVSS2: 5

EPSS: Низкий

CVE-2005-1042

почти 21 год назад

Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count.

CVSS2: 7.5

EPSS: Низкий

CVE-2005-0525

почти 21 год назад

The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek.

CVSS2: 5

EPSS: Низкий

CVE-2005-1043

почти 21 год назад

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

CVSS2: 5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2005-0524 The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value.	CVSS2: 5	4% Низкий	почти 21 год назад
CVE-2005-1042 Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP ...	CVSS2: 7.5	6% Низкий	почти 21 год назад
CVE-2005-0524 The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 an ...	CVSS2: 5	4% Низкий	почти 21 год назад
CVE-2005-0525 The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 a ...	CVSS2: 5	6% Низкий	почти 21 год назад
CVE-2005-0596 PHP 4 (PHP4) allows attackers to cause a denial of service (daemon cra ...	CVSS2: 2.1	0% Низкий	почти 21 год назад
CVE-2005-0596 PHP 4 (PHP4) allows attackers to cause a denial of service (daemon crash) by using the readfile function on a file whose size is a multiple of the page size.	CVSS2: 2.1	0% Низкий	почти 21 год назад
CVE-2005-0524 The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value.	CVSS2: 5	4% Низкий	почти 21 год назад
CVE-2005-1042 Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count.	CVSS2: 7.5	6% Низкий	почти 21 год назад
CVE-2005-0525 The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek.	CVSS2: 5	6% Низкий	почти 21 год назад
CVE-2005-1043 exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.	CVSS2: 5	1% Низкий	почти 21 год назад

Уязвимостей на страницу