Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion, related to the (1) mb_convert_encoding, (2) mb_check_encoding, (3) mb_convert_variables, and (4) mb_parse_str functions.
| Max Base Score | 10.0 |
| Published | 2008-12-23 |
| Updated | 2018-10-11 |
| EPSS | 3.74% |
Buffer overflow in the memnstr function in PHP 4.4.x before 4.4.9 and PHP 5.6 through 5.2.6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via the delimiter argument to the explode function. NOTE: the scope of this issue is limited since most applications would not use an attacker-controlled delimiter, but local attacks against safe_mode are feasible.
| Max Base Score | 6.4 |
| Published | 2008-08-15 |
| Updated | 2018-10-11 |
| EPSS | 3.47% |
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
| Max Base Score | 7.5 |
| Published | 2008-08-15 |
| Updated | 2018-10-11 |
| EPSS | 3.33% |
php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c legacy routine buffer overflow" error message, related to the rfc822_write_address function.
| Max Base Score | 5.0 |
| Published | 2008-06-23 |
| Updated | 2019-10-09 |
| EPSS | 0.99% |
Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.
| Max Base Score | 7.5 |
| Published | 2008-07-07 |
| Updated | 2022-08-01 |
| EPSS | 0.28% |
Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP before 5.2.6 has unknown impact and attack vectors.
| Max Base Score | 10.0 |
| Published | 2008-05-05 |
| Updated | 2023-02-13 |
| EPSS | 2.23% |
Integer overflow in PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service and possibly have unspecified other impact via a printf format parameter with a large width specifier, related to the php_sprintf_appendstring function in formatted_print.c and probably other functions for formatted strings (aka *printf functions).
| Max Base Score | 5.0 |
| Published | 2008-03-27 |
| Updated | 2018-10-11 |
| EPSS | 1.94% |
7 vulnerabilities found