Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php php 5.3.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0831
PHP prior to 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote malicious users to conduct SQL injection attacks via a crafted request, related to main/php_variables...
Php Php
NA
CVE-2011-0420
The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent malicious users to cause a denial of service (crash) via an invalid size argument, which triggers a NULL pointer dereference.
Php Php 5.3.5
2 EDB exploits
NA
CVE-2012-0781
The tidy_diagnose function in PHP 5.3.8 might allow remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerab...
Php Php 5.3.8
1 EDB exploit
NA
CVE-2011-1657
The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent malicious users to cause a denial of service (application crash) via certain flags arguments, as demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND.
Php Php 5.3.6
NA
CVE-2011-4153
PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that performs strndup operations on untrusted ...
Php Php 5.3.8
1 EDB exploit
NA
CVE-2011-0441
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/.
Php Php 5.3.5
NA
CVE-2010-2531
The var_export function in PHP 5.2 prior to 5.2.14 and 5.3 prior to 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if display_errors is off, which allows remote malicious users to obtain sensitive information by causing the application to exceed...
Php Php
Debian Debian Linux 5.0
Debian Debian Linux 6.0
NA
CVE-2011-2483
crypt_blowfish prior to 1.1, as used in PHP prior to 5.3.7 on certain platforms, PostgreSQL prior to 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent malicious users to determine a cleartext password by leveraging k...
Php Php
Postgresql Postgresql
Openwall Crypt Blowfish
1 Github repository
NA
CVE-2011-4566
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote malicious users to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF head...
Php Php 5.4.0
Php Php
Debian Debian Linux 5.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
NA
CVE-2010-3436
fopen_wrappers.c in PHP 5.3.x up to and including 5.3.3 might allow remote malicious users to bypass open_basedir restrictions via vectors related to the length of a filename.
Php Php
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »