| Max CVSS | 6.4 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-4566 | 6.4 |
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_v
|
29-08-2022 - 20:11 | 29-11-2011 - 00:55 | |
| CVE-2011-2202 | 6.4 |
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwr
|
30-10-2018 - 16:26 | 16-06-2011 - 23:55 | |
| CVE-2011-1466 | 5.0 |
Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function.
|
30-10-2018 - 16:26 | 20-03-2011 - 02:00 | |
| CVE-2011-0708 | 4.3 |
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buf
|
30-10-2018 - 16:26 | 20-03-2011 - 02:00 | |
| CVE-2011-4885 | 5.0 |
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
|
09-01-2018 - 02:29 | 30-12-2011 - 01:55 |