PHP » PHP » 5.0 RC2 : Security Vulnerabilities (Gain Information)
Cpe Name:
cpe:/a:php:php:5.0:rc2
Copy Results
Download Results
Select Table
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2009-2626 |
|
|
+Info |
2009-12-01 |
2009-12-19 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable. |
|
2 |
CVE-2008-5498 |
200 |
|
+Info |
2008-12-26 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image. |
|
3 |
CVE-2007-1380 |
|
1
|
+Info |
2007-03-09 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buffer over-read. |
Total number of vulnerabilities :
3
Page :
1
(This Page)
