This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:php:php:5.3.9:rc1
Detail
VendorPhpFirst view 2012-02-10
ProductPhpLast view2019-03-08
Version5.3.9TypeApplication
Edition 
Language 
Updaterc1 
 
CPE Productcpe:/a:php:php

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
7.52019-03-08CVE-2019-9641NetworkLowNone Requ...
52019-03-08CVE-2019-9639NetworkLowNone Requ...
52019-03-08CVE-2019-9638NetworkLowNone Requ...
52019-03-08CVE-2019-9637NetworkLowNone Requ...
52019-02-22CVE-2019-9024NetworkLowNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.52019-02-22CVE-2019-9023NetworkLowNone Requ...
7.52019-02-22CVE-2019-9021NetworkLowNone Requ...
7.52019-02-22CVE-2019-9020NetworkLowNone Requ...
6.82019-01-26CVE-2019-6977NetworkMediumNone Requ...
52018-12-07CVE-2018-19935NetworkLowNone Requ...
52018-08-03CVE-2018-14883NetworkLowNone Requ...
4.32018-08-02CVE-2018-14851NetworkMediumNone Requ...
6.82018-04-29CVE-2018-10549NetworkMediumNone Requ...
52018-04-29CVE-2018-10548NetworkLowNone Requ...
4.32018-04-29CVE-2018-10547NetworkMediumNone Requ...
52018-04-29CVE-2018-10546NetworkLowNone Requ...
1.92018-04-29CVE-2018-10545LocalMediumNone Requ...
6.82018-02-19CVE-2015-9253NetworkLowRequires ...
52018-02-09CVE-2016-10712NetworkLowNone Requ...
52017-11-07CVE-2017-16642NetworkLowNone Requ...
7.52017-08-17CVE-2017-12933NetworkLowNone Requ...
4.32017-08-02CVE-2017-7890NetworkMediumNone Requ...
6.82017-07-25CVE-2017-11628NetworkMediumNone Requ...
6.42017-07-10CVE-2017-11147NetworkLowNone Requ...

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
26% (49)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
15% (28)CWE-20Improper Input Validation
8% (15)CWE-189Numeric Errors
7% (14)CWE-125Out-of-bounds Read
5% (10)CWE-416Use After Free
Hide | Show 21 More...
%idName
4% (9)CWE-200Information Exposure
4% (9)CWE-190Integer Overflow or Wraparound
4% (8)CWE-476NULL Pointer Dereference
3% (6)CWE-787Out-of-bounds Write
2% (5)CWE-399Resource Management Errors
2% (5)CWE-264Permissions, Privileges, and Access Controls
1% (3)CWE-400Uncontrolled Resource Consumption ('Resource Exhaustion')
1% (3)CWE-19Data Handling
1% (2)CWE-502Deserialization of Untrusted Data
1% (2)CWE-284Access Control (Authorization) Issues
1% (2)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (2)CWE-74Failure to Sanitize Data into a Different Plane ('Injection')
1% (2)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (1)CWE-754Improper Check for Unusual or Exceptional Conditions
0% (1)CWE-415Double Free
0% (1)CWE-310Cryptographic Issues
0% (1)CWE-254Security Features
0% (1)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
0% (1)CWE-78Improper Sanitization of Special Elements used in an OS Command ('O...
0% (1)CWE-59Improper Link Resolution Before File Access ('Link Following')

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:29107HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Ser...
oval:org.mitre.oval:def:19358HP-UX Apache Web Server running PHP, Remote Execution of Arbitrary Code, Pri...
oval:org.mitre.oval:def:18140DSA-2465-1 php5 - several
oval:org.mitre.oval:def:21035RHSA-2013:1050: php53 security update (Critical)
oval:org.mitre.oval:def:20931RHSA-2013:1049: php security update (Critical)
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:18965DSA-2723-1 php5 - heap corruption
oval:org.mitre.oval:def:24124ELSA-2013:1049: php security update (Critical)
oval:org.mitre.oval:def:23414ELSA-2013:1050: php53 security update (Critical)
oval:org.mitre.oval:def:23370DEPRECATED: ELSA-2013:1049: php security update (Critical)
oval:org.mitre.oval:def:25866SUSE-SU-2013:1285-2 -- Security update for PHP5
oval:org.mitre.oval:def:25802SUSE-SU-2013:1317-1 -- Security update for PHP5
oval:org.mitre.oval:def:25747SUSE-SU-2013:1316-1 -- Security update for PHP5
oval:org.mitre.oval:def:25298SUSE-SU-2013:1285-1 -- Security update for PHP5
oval:org.mitre.oval:def:27533DEPRECATED: ELSA-2013-1050 -- php53 security update (critical)
oval:org.mitre.oval:def:27441DEPRECATED: ELSA-2013-1049 -- php security update (critical)
oval:org.mitre.oval:def:21114RHSA-2013:1307: php53 security, bug fix and enhancement update (Moderate)
oval:org.mitre.oval:def:18927USN-1937-1 -- php5 vulnerability
oval:org.mitre.oval:def:18760DSA-2742-1 php5 - interpretation conflict
oval:org.mitre.oval:def:23222ELSA-2013:1307: php53 security, bug fix and enhancement update (Moderate)
oval:org.mitre.oval:def:25611SUSE-SU-2014:0063-1 -- Security update for PHP5
oval:org.mitre.oval:def:25595SUSE-SU-2014:0064-1 -- Security update for PHP5
oval:org.mitre.oval:def:25081SUSE-SU-2014:0062-1 -- Security update for PHP5
oval:org.mitre.oval:def:26232SUSE-SU-2014:0873-1 -- Security update for PHP5
oval:org.mitre.oval:def:27044RHSA-2013:1615 -- php security, bug fix, and enhancement update (Moderate)
oval:org.mitre.oval:def:27442ELSA-2013-1615 -- php security, bug fix, and enhancement update (moderate)

SAINT Exploits

DescriptionLink
PHP CGI Query String Parameters Command ExecutionMore info here

ExploitDB Exploits

idDescription
30395PHP openssl_x509_parse() - Memory Corruption Vulnerability
29290Apache / PHP 5.x Remote Code Execution Exploit
25986Plesk Apache Zeroday Remote Exploit
18836PHP CGI Argument Injection Exploit
18834PHP CGI Argument Injection

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-12-13Name : SuSE Update for update openSUSE-SU-2012:0426-1 (update)
File : nvt/gb_suse_2012_0426_1.nasl
2012-12-13Name : SuSE Update for update openSUSE-SU-2012:0590-1 (update)
File : nvt/gb_suse_2012_0590_1.nasl
2012-10-03Name : Gentoo Security Advisory GLSA 201209-24 (PostgreSQL)
File : nvt/glsa_201209_24.nasl
2012-09-26Name : Gentoo Security Advisory GLSA 201209-03 (php)
File : nvt/glsa_201209_03.nasl
2012-09-25Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
Hide | Show 20 More...
idDescription
2012-09-24Name : PHP 'main/SAPI.c' HTTP Header Injection Vulnerability
File : nvt/gb_php_http_header_injection_vuln_win.nasl
2012-09-22Name : Ubuntu Update for php5 USN-1569-1
File : nvt/gb_ubuntu_USN_1569_1.nasl
2012-09-19Name : FreeBSD Ports: php5-sqlite
File : nvt/freebsd_php5-sqlite.nasl
2012-09-10Name : Slackware Advisory SSA:2012-204-01 php
File : nvt/esoft_slk_ssa_2012_204_01.nasl
2012-09-07Name : FreeBSD Ports: php5
File : nvt/freebsd_php519.nasl
2012-08-30Name : Fedora Update for maniadrive FEDORA-2012-7628
File : nvt/gb_fedora_2012_7628_maniadrive_fc17.nasl
2012-08-30Name : Fedora Update for php FEDORA-2012-7628
File : nvt/gb_fedora_2012_7628_php_fc17.nasl
2012-08-30Name : Debian Security Advisory DSA 2527-1 (php5)
File : nvt/deb_2527_1.nasl
2012-08-30Name : Fedora Update for maniadrive FEDORA-2012-10936
File : nvt/gb_fedora_2012_10936_maniadrive_fc17.nasl
2012-08-30Name : Fedora Update for php FEDORA-2012-10936
File : nvt/gb_fedora_2012_10936_php_fc17.nasl
2012-08-30Name : Fedora Update for postgresql FEDORA-2012-8924
File : nvt/gb_fedora_2012_8924_postgresql_fc17.nasl
2012-08-30Name : Fedora Update for postgresql FEDORA-2012-12156
File : nvt/gb_fedora_2012_12156_postgresql_fc16.nasl
2012-08-30Name : Fedora Update for postgresql FEDORA-2012-12165
File : nvt/gb_fedora_2012_12165_postgresql_fc17.nasl
2012-08-30Name : Fedora Update for maniadrive FEDORA-2012-9490
File : nvt/gb_fedora_2012_9490_maniadrive_fc17.nasl
2012-08-30Name : Fedora Update for php FEDORA-2012-9490
File : nvt/gb_fedora_2012_9490_php_fc17.nasl
2012-08-30Name : Fedora Update for maniadrive FEDORA-2012-6869
File : nvt/gb_fedora_2012_6869_maniadrive_fc17.nasl
2012-08-30Name : Fedora Update for php FEDORA-2012-6869
File : nvt/gb_fedora_2012_6869_php_fc17.nasl
2012-08-27Name : PHP pdo_sql_parser.re 'PDO' extension DoS vulnerability (Windows)
File : nvt/gb_php_pdo_sql_parser_re_file_pdo_ext_dos_vuln_win.nasl
2012-08-10Name : Debian Security Advisory DSA 2491-1 (postgresql-8.4)
File : nvt/deb_2491_1.nasl
2012-08-10Name : Debian Security Advisory DSA 2492-1 (php5)
File : nvt/deb_2492_1.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-B-0108Multiple Vulnerabilities in PHP
Severity : Category I - VMSKEY : V0061365
2015-A-0199Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337
2014-B-0086Multiple Vulnerabilities in PHP
Severity : Category I - VMSKEY : V0052897
2014-B-0021Multiple Vulnerabilities in PHP
Severity : Category I - VMSKEY : V0044541
2014-A-0030Apple Mac OS X Security Update 2014-001
Severity : Category I - VMSKEY : V0044547
Hide | Show 2 More...
idDescription
2013-A-0179Apple Mac OS X Security Update 2013-004
Severity : Category I - VMSKEY : V0040373
2013-B-0093Multiple Vulnerabilities in PHP
Severity : Category I - VMSKEY : V0040108

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2019-05-07PHP gdImageColorMatch heap buffer overflow file download attempt
RuleID : 49673 - Type : SERVER-OTHER - Revision : 1
2019-05-07PHP gdImageColorMatch heap buffer overflow file upload attempt
RuleID : 49672 - Type : SERVER-OTHER - Revision : 1
2018-12-11CVE PHP infinite loop from use of stream filter and convert.iconv file upload...
RuleID : 48354 - Type : SERVER-WEBAPP - Revision : 2
2018-06-26PHP .phar cross site scripting attempt
RuleID : 46808 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44749 - Type : SERVER-WEBAPP - Revision : 2
Hide | Show 20 More...
DateDescription
2017-12-13PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44748 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44747 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44746 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44745 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44744 - Type : SERVER-WEBAPP - Revision : 2
2017-10-24PHP form-based file upload DoS attempt
RuleID : 44390 - Type : SERVER-WEBAPP - Revision : 2
2017-09-19PHP malformed quoted printable denial of service attempt
RuleID : 44001 - Type : SERVER-WEBAPP - Revision : 2
2017-08-23PHP core unserialize use after free attempt
RuleID : 43668 - Type : SERVER-WEBAPP - Revision : 2
2017-07-18Oniguruma expression parser out of bounds write attempt
RuleID : 43182 - Type : FILE-OTHER - Revision : 2
2017-07-18Oniguruma expression parser out of bounds write attempt
RuleID : 43181 - Type : FILE-OTHER - Revision : 2
2017-02-23PHP ZipArchive getFromIndex and getFromName integer overflow attempt
RuleID : 41384 - Type : SERVER-WEBAPP - Revision : 2
2017-02-23PHP ZipArchive getFromIndex and getFromName integer overflow attempt
RuleID : 41383 - Type : SERVER-WEBAPP - Revision : 2
2016-11-01PHP exif_process_IFD_in_MAKERNOTE out of bounds read attempt
RuleID : 40297 - Type : FILE-IMAGE - Revision : 3
2016-11-01PHP exif_process_IFD_in_MAKERNOTE out of bounds read attempt
RuleID : 40296 - Type : FILE-IMAGE - Revision : 2
2016-11-01PHP exif_process_IFD_in_MAKERNOTE out of bounds read attempt
RuleID : 40295 - Type : FILE-IMAGE - Revision : 2
2016-11-01PHP exif_process_IFD_in_MAKERNOTE out of bounds read attempt
RuleID : 40294 - Type : FILE-IMAGE - Revision : 2
2016-10-20PHP exif_process_user_comment null pointer dereference attempt
RuleID : 40248 - Type : FILE-IMAGE - Revision : 3
2016-10-20PHP exif_process_user_comment null pointer dereference attempt
RuleID : 40247 - Type : FILE-IMAGE - Revision : 2
2016-10-20PHP exif_process_user_comment null pointer dereference attempt
RuleID : 40246 - Type : FILE-IMAGE - Revision : 3
2016-10-20PHP exif_process_user_comment null pointer dereference attempt
RuleID : 40245 - Type : FILE-IMAGE - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-14Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2019-1147.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-ee6707d519.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-7ebfe1e6f2.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-dfe1f0bac6.nasl - Type : ACT_GATHER_INFO
2018-12-17Name : The remote Debian host is missing a security update.
File : debian_DLA-1608.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-12-11Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4353.nasl - Type : ACT_GATHER_INFO
2018-12-03Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201812-01.nasl - Type : ACT_GATHER_INFO
2018-10-26Name : The remote EulerOS Virtualization host is missing a security update.
File : EulerOS_SA-2018-1325.nasl - Type : ACT_GATHER_INFO
2018-09-27Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1309.nasl - Type : ACT_GATHER_INFO
2018-09-27Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1310.nasl - Type : ACT_GATHER_INFO
2018-09-18Name : The remote EulerOS Virtualization host is missing a security update.
File : EulerOS_SA-2018-1249.nasl - Type : ACT_GATHER_INFO
2018-09-04Name : The remote Debian host is missing a security update.
File : debian_DLA-1490.nasl - Type : ACT_GATHER_INFO
2018-08-24Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1066.nasl - Type : ACT_GATHER_INFO
2018-08-24Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1067.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0021.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2017-0029.nasl - Type : ACT_GATHER_INFO
2018-08-10Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1224.nasl - Type : ACT_GATHER_INFO
2018-07-06Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4240.nasl - Type : ACT_GATHER_INFO
2018-07-03Name : The remote EulerOS host is missing a security update.
File : EulerOS_SA-2018-1217.nasl - Type : ACT_GATHER_INFO
2018-06-27Name : The remote Debian host is missing a security update.
File : debian_DLA-1397.nasl - Type : ACT_GATHER_INFO
2018-05-24Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL75543432.nasl - Type : ACT_GATHER_INFO
2018-05-17Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2018-136-02.nasl - Type : ACT_GATHER_INFO
2018-05-11Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1019.nasl - Type : ACT_GATHER_INFO
2018-05-10Name : The remote Debian host is missing a security update.
File : debian_DLA-1373.nasl - Type : ACT_GATHER_INFO
2018-05-04Name : The remote Fedora host is missing a security update.
File : fedora_2018-04f6056c42.nasl - Type : ACT_GATHER_INFO