Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

php php 5.2.9 vulnerabilities and exploits

(subscribe to this query)
6.4
CVSSv2
CVE-2010-1128
The Linear Congruential Generator (LCG) in PHP prior to 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent malicious users to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniq...
Php Php 5.2.9Php Php 5.2.8Php Php 5.2.0Php Php 5.2.11Php Php 5.2.10Php Php 5.2.1Php Php 5.2.3Php Php 5.2.2Php PhpPhp Php 5.2.5Php Php 5.2.4Php Php 5.2.7Php Php 5.2.6
7.5
CVSSv2
CVE-2010-1129
The safe_mode implementation in PHP prior to 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent malicious users to bypass intended access restrictions via vectors related to use of the tempnam function.
Php Php 5.2.5Php Php 5.2.6Php Php 5.2.0Php Php 5.2.7Php Php 5.2.8Php Php 5.2.9Php Php 5.2.3Php Php 5.2.4Php Php 5.2.12Php Php 5.2.1Php Php 5.2.2Php Php 5.2.10Php Php 5.2.11
5
CVSSv2
CVE-2010-2484
The strrchr function in PHP 5.2 prior to 5.2.14 allows context-dependent malicious users to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler.
Php Php 5.2.11Php Php 5.2.5Php Php 5.2.2Php Php 5.2.9Php Php 5.2.6Php Php 5.2.8Php Php 5.2.0Php Php 5.2.4Php Php 5.2.13Php Php 5.2.12Php Php 5.2.10Php Php 5.2.3Php Php 5.2.1
5
CVSSv2
CVE-2010-2093
Use-after-free vulnerability in the request shutdown functionality in PHP 5.2 prior to 5.2.13 and 5.3 prior to 5.3.2 allows context-dependent malicious users to cause a denial of service (crash) via a stream context structure that is freed before destruction occurs.
Php Php 5.2.2Php Php 5.2.3Php Php 5.2.10Php Php 5.2.11Php Php 5.2.4Php Php 5.2.5Php Php 5.2.12Php Php 5.3.0Php Php 5.2.0Php Php 5.2.1Php Php 5.2.8Php Php 5.2.9Php Php 5.2.6Php Php 5.2.7Php Php 5.3.1
6.4
CVSSv2
CVE-2010-1861
The sysvshm extension for PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allows context-dependent malicious users to write to arbitrary memory addresses by using an object's __sleep function to interrupt an internal call to the shm_put_var function, whi...
Php Php 5.2.0Php Php 5.2.8Php Php 5.2.2Php Php 5.2.3Php Php 5.2.4Php Php 5.2.5Php Php 5.2.11Php Php 5.2.12Php Php 5.2.13Php Php 5.2.10Php Php 5.2.1Php Php 5.2.6Php Php 5.2.9Php Php 5.3.0Php Php 5.3.2Php Php 5.3.1
7.5
CVSSv2
CVE-2010-1868
The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allow context-dependent malicious users to execute arbitrary code by calling these functions with an empty SQL query, wh...
Php Php 5.2.5Php Php 5.2.8Php Php 5.2.13Php Php 5.2.0Php Php 5.2.1Php Php 5.2.2Php Php 5.2.3Php Php 5.2.9Php Php 5.2.10Php Php 5.2.11Php Php 5.2.12Php Php 5.2.4Php Php 5.2.6Php Php 5.3.0Php Php 5.3.2Php Php 5.3.1
5
CVSSv2
CVE-2010-1914
The Zend Engine in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allows context-dependent malicious users to obtain sensitive information by interrupting the handler for the (1) ZEND_BW_XOR opcode (shift_left_function), (2) ZEND_SL opcode (bitwise_xor_funct...
Php Php 5.2.2Php Php 5.2.3Php Php 5.2.10Php Php 5.2.6Php Php 5.2.7Php Php 5.3.2Php Php 5.2.12Php Php 5.2.4Php Php 5.2.5Php Php 5.3.0Php Php 5.3.1Php Php 5.2.11Php Php 5.2.0Php Php 5.2.1Php Php 5.2.8Php Php 5.2.9
5
CVSSv2
CVE-2010-1915
The preg_quote function in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allows context-dependent malicious users to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by...
Php Php 5.2.5Php Php 5.2.6Php Php 5.3.2Php Php 5.2.12Php Php 5.2.3Php Php 5.2.4Php Php 5.3.0Php Php 5.3.1Php Php 5.2.1Php Php 5.2.2Php Php 5.2.10Php Php 5.2.11Php Php 5.2.0Php Php 5.2.7Php Php 5.2.8Php Php 5.2.9
5
CVSSv2
CVE-2010-1917
Stack consumption vulnerability in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allows context-dependent malicious users to cause a denial of service (PHP crash) via a crafted first argument to the fnmatch function, as demonstrated using a long string.
Php Php 5.2.3Php Php 5.2.4Php Php 5.2.12Php Php 5.2.13Php Php 5.2.0Php Php 5.2.1Php Php 5.2.2Php Php 5.2.10Php Php 5.2.11Php Php 5.2.5Php Php 5.2.6Php Php 5.2.8Php Php 5.2.9Php Php 5.3.0Php Php 5.3.1Php Php 5.3.2
5
CVSSv2
CVE-2010-1860
The html_entity_decode function in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allows context-dependent malicious users to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal call,...
Php Php 5.2.6Php Php 5.2.8Php Php 5.2.2Php Php 5.2.3Php Php 5.2.11Php Php 5.2.12Php Php 5.2.13Php Php 5.2.4Php Php 5.2.5Php Php 5.2.0Php Php 5.2.1Php Php 5.2.9Php Php 5.2.10Php Php 5.3.1Php Php 5.3.2Php Php 5.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook