Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
| Max Base Score | 5.0 |
| Published | 2010-12-07 |
| Updated | 2017-09-19 |
| EPSS | 1.94% |
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
| Max Base Score | 4.3 |
| Published | 2010-11-09 |
| Updated | 2023-02-13 |
| EPSS | 0.24% |
The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler.
| Max Base Score | 5.0 |
| Published | 2010-08-20 |
| Updated | 2016-08-23 |
| EPSS | 0.59% |
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function.
| Max Base Score | 7.5 |
| Published | 2010-06-24 |
| Updated | 2017-08-17 |
| EPSS | 4.47% |
The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler. NOTE: vectors 2 through 4 are related to the call time pass by reference feature.
| Max Base Score | 6.4 |
| Published | 2010-06-08 |
| Updated | 2017-08-17 |
| EPSS | 0.56% |
Use-after-free vulnerability in the request shutdown functionality in PHP 5.2 before 5.2.13 and 5.3 before 5.3.2 allows context-dependent attackers to cause a denial of service (crash) via a stream context structure that is freed before destruction occurs.
| Max Base Score | 5.0 |
| Published | 2010-05-27 |
| Updated | 2010-12-07 |
| EPSS | 0.31% |
The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder.
| Max Base Score | 7.5 |
| Published | 2010-05-07 |
| Updated | 2010-09-30 |
| EPSS | 0.77% |
The html_entity_decode function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal call, related to the call time pass by reference feature.
| Max Base Score | 5.0 |
| Published | 2010-05-07 |
| Updated | 2016-08-23 |
| EPSS | 0.26% |
The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument.
| Max Base Score | 5.0 |
| Published | 2010-03-16 |
| Updated | 2010-12-10 |
| EPSS | 2.30% |
9 vulnerabilities found