| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-2483 | 5.0 |
crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext passwo
|
23-04-2024 - 19:57 | 25-08-2011 - 14:22 | |
| CVE-2011-1471 | 4.3 |
Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive file that triggers errors in zip_fread function calls.
|
19-01-2023 - 16:40 | 20-03-2011 - 02:00 | |
| CVE-2011-2202 | 6.4 |
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwr
|
30-10-2018 - 16:26 | 16-06-2011 - 23:55 | |
| CVE-2011-1469 | 4.3 |
Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) by accessing an ftp:// URL during use of an HTTP proxy with the FTP wrapper.
|
30-10-2018 - 16:26 | 20-03-2011 - 02:00 | |
| CVE-2011-1468 | 4.3 |
Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt fun
|
30-10-2018 - 16:26 | 20-03-2011 - 02:00 | |
| CVE-2011-1466 | 5.0 |
Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function.
|
30-10-2018 - 16:26 | 20-03-2011 - 02:00 | |
| CVE-2011-1148 | 7.5 |
Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple
|
30-10-2018 - 16:26 | 18-03-2011 - 15:55 | |
| CVE-2011-0708 | 4.3 |
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buf
|
30-10-2018 - 16:26 | 20-03-2011 - 02:00 | |
| CVE-2011-1938 | 7.5 |
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.
|
17-08-2017 - 01:34 | 31-05-2011 - 20:55 |