CVE-2008-2051

Published: 05/05/2008 Updated: 11/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The escapeshellcmd API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."

Vulnerable Product

php php 5.0.1

php php 5.0.2

php php 5.1.3

php php 5.1.4

php php 5.2.4

php php

php php 5.0.0

php php 5.1.1

php php 5.1.2

php php 5.2.2

php php 5.2.3

php php 5.0.3

php php 5.0.4

php php 5.1.5

php php 5.1.6

php php 5.0.5

php php 5.1.0

php php 5.2.0

php php 5.2.1

Vendor Advisories

It was discovered that PHP did not properly check the length of the string parameter to the fnmatch function. An attacker could cause a denial of service in the PHP interpreter if a script passed untrusted input to the fnmatch function (CVE-2007-4782) ...

Several vulnerabilities have been discovered in PHP version 4, a server-side, HTML-embedded scripting language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-3799 The session_start function allows remote attackers to insert arbitrary attributes into the session cookie via special characters ...

References

NVD-CWE-noinfo
http://www.php.net/ChangeLog-5.php
http://www.openwall.com/lists/oss-security/2008/05/02/2
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0176
https://issues.rpath.com/browse/RPL-2503
http://www.debian.org/security/2008/dsa-1578
http://www.securityfocus.com/bid/29009
http://secunia.com/advisories/30048
http://secunia.com/advisories/30288
http://secunia.com/advisories/30345
http://secunia.com/advisories/31119
http://www.mandriva.com/security/advisories?name=MDVSA-2008:128
http://secunia.com/advisories/31200
http://www.mandriva.com/security/advisories?name=MDVSA-2008:125
http://secunia.com/advisories/31124
http://secunia.com/advisories/30411
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html
http://www.redhat.com/support/errata/RHSA-2008-0545.html
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178
http://www.mandriva.com/security/advisories?name=MDVSA-2008:126
http://www.redhat.com/support/errata/RHSA-2008-0582.html
http://www.redhat.com/support/errata/RHSA-2008-0546.html
https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00779.html
http://secunia.com/advisories/30828
http://www.mandriva.com/security/advisories?name=MDVSA-2008:127
http://secunia.com/advisories/30967
http://www.ubuntu.com/usn/usn-628-1
http://www.redhat.com/support/errata/RHSA-2008-0505.html
http://secunia.com/advisories/30757
http://secunia.com/advisories/31326
http://www.redhat.com/support/errata/RHSA-2008-0544.html
http://secunia.com/advisories/30158
http://www.debian.org/security/2008/dsa-1572
http://secunia.com/advisories/30083
http://www.vupen.com/english/advisories/2008/1412
http://www.vupen.com/english/advisories/2008/2268
http://secunia.com/advisories/32746
http://security.gentoo.org/glsa/glsa-200811-05.xml
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.488951
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10256
http://www.securityfocus.com/archive/1/492671/100/0/threaded
http://www.securityfocus.com/archive/1/492535/100/0/threaded
https://usn.ubuntu.com/628-1/
https://nvd.nist.gov