Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.3.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-0708
exif.c in the Exif extension in PHP prior to 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote malicious users to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
Php Php 4.0.2
Php Php 4.0.3
Php Php 5.3.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
Php Php 4.4.1
Php Php 4.4.2
Php Php 3.0.11
Php Php 3.0.10
Php Php 3.0.4
Php Php 3.0.3
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.2.13
Php Php 5.2.11
Php Php 5.2.14
1 EDB exploit
NA
CVE-2011-1148
Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and previous versions allows context-dependent malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments.
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.3.5
Php Php
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.2.1
NA
CVE-2011-1153
Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and previous versions allow context-dependent malicious users to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitra...
Php Php 4.3.3
Php Php 4.3.6
Php Php 4.4.7
Php Php 5.0.0
Php Php 5.2.8
Php Php 4.4.0
Php Php 5.0.4
Php Php 5.2.9
Php Php 5.0.3
Php Php 5.1.6
Php Php 5.2.0
Php Php 2.0
Php Php 4.4.8
Php Php 3.0.10
Php Php 3.0.13
Php Php 3.0.3
Php Php 3.0.15
Php Php 3.0.8
Php Php 3.0.5
Php Php 4.0.6
Php Php 4.0.5
Php Php 5.2.14
NA
CVE-2011-1092
Integer overflow in ext/shmop/shmop.c in PHP prior to 5.3.6 allows context-dependent malicious users to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.
Php Php 5.3.1
Php Php 5.3.2
Php Php 4.0.6
Php Php 4.0.7
Php Php 4.1.1
Php Php 4.1.2
Php Php 4.3.0
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.1
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.1
Php Php 3.0
Php Php 3.0.17
1 EDB exploit
NA
CVE-2011-0753
Race condition in the PCNTL extension in PHP prior to 5.3.4, when a user-defined signal handler exists, might allow context-dependent malicious users to cause a denial of service (memory corruption) via a large number of concurrent signals.
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
Php Php 4.4.8
Php Php 4.4.9
Php Php 5.3.2
Php Php 4.0.6
Php Php 4.0.7
Php Php 5.3.0
Php Php 5.3.1
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.1.0
Php Php 4.2.3
Php Php 4.3.3
Php Php 4.3.4
NA
CVE-2011-0754
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP prior to 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat struc...
Php Php 3.0.14
Php Php 3.0.3
Php Php 4.0.1
Php Php 4.0.6
Php Php 4.0
Php Php 4.3.0
Php Php 4.3.4
Php Php 4.3.6
Php Php 4.4.6
Php Php 4.4.7
Php Php 3.0.13
Php Php 3.0.15
Php Php 4.4.4
Php Php 4.3.3
Php Php 1.0
Php Php 2.0
Php Php 3.0.7
Php Php 4.0.2
Php Php 4.2.1
Php Php 4.2.2
Php Php 4.2.0
Php Php 4.3.10
NA
CVE-2011-0755
Integer overflow in the mt_rand function in PHP prior to 5.3.4 might make it easier for context-dependent malicious users to predict the return values by leveraging a script's use of a large max parameter, as demonstrated by a value that exceeds mt_getrandmax.
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.3
Php Php 4.0
Php Php 4.2.1
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.3.9
Php Php 4.4.0
Php Php 4.4.7
Php Php 4.4.8
Php Php 3.0.2
Php Php 3.0.18
Php Php 3.0.9
Php Php 3.0.7
Php Php
Php Php 5.2.9
Php Php 5.2.6
Php Php 5.2.8
Php Php 5.2.16
Php Php 5.2.7
Php Php 5.1.4
NA
CVE-2006-7243
PHP prior to 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent malicious users to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists...
Php Php 5.3.0
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.0
Php Php 4.1.0
Php Php 4.2.2
Php Php 4.2.3
Php Php 4.3.2
Php Php 4.3.3
Php Php 4.4.1
Php Php 4.4.2
Php Php 4.4.9
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.4
Php Php 3.0.8
Php Php 3.0.5
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.8
Php Php 5.2.3
Php Php 5.2.4
2 Articles
NA
CVE-2010-4698
Stack-based buffer overflow in the GD extension in PHP prior to 5.2.15 and 5.3.x prior to 5.3.4 allows context-dependent malicious users to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstext function.
Php Php 5.2.12
Php Php 5.2.10
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.0
Php Php 5.2.4
Php Php 5.3.1
Php Php 5.3.2
Php Php 5.2.3
Php Php 5.2.14
Php Php 5.2.13
Php Php 5.2.11
Php Php 5.3.3
Php Php 5.3.0
NA
CVE-2010-4699
The iconv_mime_decode_headers function in the Iconv extension in PHP prior to 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote malicious users to trigger an incomplete output array...
Php Php 5.3.1
Php Php 5.3.2
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.0
Php Php 4.0.0
Php Php 4.0.7
Php Php 4.2.0
Php Php 4.3.1
Php Php 4.3.7
Php Php 4.3.8
Php Php 4.4.5
Php Php 4.4.6
Php Php 3.0.12
Php Php 3.0.1
Php Php 3.0.17
Php Php 3.0.16
Php Php 2.0
Php Php 1.0
Php Php 5.2.5
Php Php 5.2.0
Php Php 5.2.17
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »