| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-1471 | 4.3 |
Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive file that triggers errors in zip_fread function calls.
|
19-01-2023 - 16:40 | 20-03-2011 - 02:00 | |
| CVE-2011-1469 | 4.3 |
Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) by accessing an ftp:// URL during use of an HTTP proxy with the FTP wrapper.
|
30-10-2018 - 16:26 | 20-03-2011 - 02:00 | |
| CVE-2011-1467 | 5.0 |
Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument, a rela
|
30-10-2018 - 16:26 | 20-03-2011 - 02:00 | |
| CVE-2011-1470 | 4.3 |
The Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a ziparchive stream that is not properly handled by the stream_get_contents function.
|
30-10-2018 - 16:26 | 20-03-2011 - 02:00 | |
| CVE-2011-1466 | 5.0 |
Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function.
|
30-10-2018 - 16:26 | 20-03-2011 - 02:00 | |
| CVE-2011-1464 | 4.3 |
Buffer overflow in the strval function in PHP before 5.3.6, when the precision configuration option has a large value, might allow context-dependent attackers to cause a denial of service (application crash) via a small numerical value in the argumen
|
30-10-2018 - 16:26 | 20-03-2011 - 02:00 | |
| CVE-2011-1092 | 7.5 |
Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.
|
30-10-2018 - 16:26 | 15-03-2011 - 17:55 | |
| CVE-2011-0421 | 4.3 |
The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer derefer
|
30-10-2018 - 16:26 | 20-03-2011 - 02:00 | |
| CVE-2011-0708 | 4.3 |
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buf
|
30-10-2018 - 16:26 | 20-03-2011 - 02:00 | |
| CVE-2011-1153 | 7.5 |
Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly e
|
17-08-2017 - 01:33 | 16-03-2011 - 22:55 |