This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Php First view 2012-05-21
Product Php Last view 2020-05-20
Version 5.3.14 Type Application
Update -  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:php:php

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5.3 2020-05-20 CVE-2019-11048

In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleaning up temporary files created by upload request. This potentially could lead to accumulation of uncleaned temporary files exhausting the disk space on the target server.

7.5 2020-04-27 CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

4.3 2020-04-01 CVE-2020-7066

In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server.

8.8 2020-04-01 CVE-2020-7065

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.

5.4 2020-04-01 CVE-2020-7064

In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.

5.3 2020-02-27 CVE-2020-7063

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. This may result in files having more lax permissions than intended when such archive is extracted.

7.5 2020-02-27 CVE-2020-7062

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash.

9.1 2020-02-27 CVE-2020-7061

In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.

9.8 2020-02-19 CVE-2014-3622

Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party filter extension that accesses a certain ksep value.

9.1 2020-02-10 CVE-2020-7060

When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.

9.1 2020-02-10 CVE-2020-7059

When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.

8.8 2020-01-15 CVE-2015-6497

The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edition (CE) before 1.9.2.1 and Enterprise Edition (EE) before 1.14.2.1, when used with PHP before 5.4.24 or 5.5.8, allows remote authenticated users to execute arbitrary PHP code via the productData parameter to index.php/api/v2_soap.

6.5 2019-12-23 CVE-2019-11050

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

9.8 2019-12-23 CVE-2019-11049

In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplying custom headers to mail() function, due to mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e, if the header is supplied in lowercase, this can result in double-freeing certain memory locations.

6.5 2019-12-23 CVE-2019-11047

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

7.5 2019-12-23 CVE-2019-11046

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII numbers. This can read to disclosure of the content of some memory locations.

5.9 2019-12-23 CVE-2019-11045

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.

7.5 2019-12-23 CVE-2019-11044

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.

7.5 2019-11-25 CVE-2019-19246

Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.

7.5 2019-11-13 CVE-2010-4657

PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.

9.8 2019-10-28 CVE-2019-11043

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

7.1 2019-08-09 CVE-2019-11042

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

7.1 2019-08-09 CVE-2019-11041

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

7.5 2019-07-10 CVE-2017-7189

main/streams/xp_socket.c in PHP 7.x before 2017-03-07 misparses fsockopen calls, such as by interpreting fsockopen('127.0.0.1:80', 443) as if the address/port were 127.0.0.1:80:443, which is later truncated to 127.0.0.1:80. This behavior has a security risk if the explicitly provided port number (i.e., 443 in this example) is hardcoded into an application as a security policy, but the hostname argument (i.e., 127.0.0.1:80 in this example) is obtained from untrusted input.

9.1 2019-06-18 CVE-2019-11040

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
26% (62) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
12% (28) CWE-125 Out-of-bounds Read
11% (27) CWE-20 Improper Input Validation
6% (14) CWE-189 Numeric Errors
5% (13) CWE-416 Use After Free
5% (13) CWE-190 Integer Overflow or Wraparound
4% (11) CWE-476 NULL Pointer Dereference
4% (11) CWE-200 Information Exposure
3% (8) CWE-787 Out-of-bounds Write
2% (6) CWE-264 Permissions, Privileges, and Access Controls
1% (4) CWE-399 Resource Management Errors
1% (4) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (4) CWE-19 Data Handling
1% (3) CWE-502 Deserialization of Untrusted Data
0% (2) CWE-415 Double Free
0% (2) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
0% (2) CWE-284 Access Control (Authorization) Issues
0% (2) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
0% (2) CWE-74 Failure to Sanitize Data into a Different Plane ('Injection')
0% (2) CWE-59 Improper Link Resolution Before File Access ('Link Following')
0% (2) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (1) CWE-772 Missing Release of Resource after Effective Lifetime
0% (1) CWE-770 Allocation of Resources Without Limits or Throttling
0% (1) CWE-754 Improper Check for Unusual or Exceptional Conditions
0% (1) CWE-681 Incorrect Conversion between Numeric Types

SAINT Exploits

Description Link
Horde Imp Unauthenticated Remote Command Execution More info here

ExploitDB Exploits

id Description
30395 PHP openssl_x509_parse() - Memory Corruption Vulnerability

OpenVAS Exploits

id Description
2012-09-26 Name : Gentoo Security Advisory GLSA 201209-03 (php)
File : nvt/glsa_201209_03.nasl
2012-09-25 Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
2012-09-22 Name : Ubuntu Update for php5 USN-1569-1
File : nvt/gb_ubuntu_USN_1569_1.nasl
2012-09-19 Name : FreeBSD Ports: php5-sqlite
File : nvt/freebsd_php5-sqlite.nasl
2012-09-10 Name : Slackware Advisory SSA:2012-204-01 php
File : nvt/esoft_slk_ssa_2012_204_01.nasl
2012-08-30 Name : Debian Security Advisory DSA 2527-1 (php5)
File : nvt/deb_2527_1.nasl
2012-08-30 Name : Fedora Update for maniadrive FEDORA-2012-10936
File : nvt/gb_fedora_2012_10936_maniadrive_fc17.nasl
2012-08-30 Name : Fedora Update for php FEDORA-2012-10936
File : nvt/gb_fedora_2012_10936_php_fc17.nasl
2012-08-10 Name : FreeBSD Ports: php5
File : nvt/freebsd_php518.nasl
2012-08-06 Name : Fedora Update for maniadrive FEDORA-2012-10908
File : nvt/gb_fedora_2012_10908_maniadrive_fc16.nasl
2012-08-06 Name : Fedora Update for php-eaccelerator FEDORA-2012-10908
File : nvt/gb_fedora_2012_10908_php-eaccelerator_fc16.nasl
2012-08-06 Name : Fedora Update for php FEDORA-2012-10908
File : nvt/gb_fedora_2012_10908_php_fc16.nasl
2012-07-26 Name : Mandriva Update for php MDVSA-2012:108 (php)
File : nvt/gb_mandriva_MDVSA_2012_108.nasl
2012-05-23 Name : PHP 'com_print_typeinfo()' Remote Code Execution Vulnerability (Windows)
File : nvt/secpod_php_typeinfo_code_exec_vuln.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-B-0108 Multiple Vulnerabilities in PHP
Severity: Category I - VMSKEY: V0061365
2015-A-0199 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0061337
2014-B-0086 Multiple Vulnerabilities in PHP
Severity: Category I - VMSKEY: V0052897
2014-B-0021 Multiple Vulnerabilities in PHP
Severity: Category I - VMSKEY: V0044541
2014-A-0030 Apple Mac OS X Security Update 2014-001
Severity: Category I - VMSKEY: V0044547
2013-A-0179 Apple Mac OS X Security Update 2013-004
Severity: Category I - VMSKEY: V0040373
2013-B-0093 Multiple Vulnerabilities in PHP
Severity: Category I - VMSKEY: V0040108

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-01-14 PHP malformed quoted printable denial of service attempt
RuleID : 52454 - Type : SERVER-WEBAPP - Revision : 1
2019-12-10 PHP FPM env_path_info buffer underflow attempt
RuleID : 52123 - Type : SERVER-WEBAPP - Revision : 1
2019-11-19 PHP tag depth heap memory corruption attempt
RuleID : 51930 - Type : SERVER-WEBAPP - Revision : 1
2019-10-23 PHP http fopen stack buffer overflow attempt
RuleID : 51578 - Type : SERVER-WEBAPP - Revision : 1
2019-05-07 PHP gdImageColorMatch heap buffer overflow file download attempt
RuleID : 49673 - Type : SERVER-OTHER - Revision : 1
2019-05-07 PHP gdImageColorMatch heap buffer overflow file upload attempt
RuleID : 49672 - Type : SERVER-OTHER - Revision : 1
2018-12-11 CVE PHP infinite loop from use of stream filter and convert.iconv file upload...
RuleID : 48354 - Type : SERVER-WEBAPP - Revision : 2
2018-06-26 PHP .phar cross site scripting attempt
RuleID : 46808 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13 PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44749 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13 PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44748 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13 PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44747 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13 PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44746 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13 PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44745 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13 PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44744 - Type : SERVER-WEBAPP - Revision : 2
2017-10-24 PHP form-based file upload DoS attempt
RuleID : 44390 - Type : SERVER-WEBAPP - Revision : 2
2017-09-19 PHP malformed quoted printable denial of service attempt
RuleID : 44001 - Type : SERVER-WEBAPP - Revision : 2
2017-08-23 PHP core unserialize use after free attempt
RuleID : 43668 - Type : SERVER-WEBAPP - Revision : 2
2017-07-18 Oniguruma expression parser out of bounds write attempt
RuleID : 43182 - Type : FILE-OTHER - Revision : 2
2017-07-18 Oniguruma expression parser out of bounds write attempt
RuleID : 43181 - Type : FILE-OTHER - Revision : 2
2017-03-28 PHP Exception Handling remote denial of service attempt
RuleID : 41690 - Type : SERVER-OTHER - Revision : 2
2017-03-28 PHP Exception Handling remote denial of service attempt
RuleID : 41689 - Type : SERVER-OTHER - Revision : 2
2017-02-23 PHP ZipArchive getFromIndex and getFromName integer overflow attempt
RuleID : 41384 - Type : SERVER-WEBAPP - Revision : 2
2017-02-23 PHP ZipArchive getFromIndex and getFromName integer overflow attempt
RuleID : 41383 - Type : SERVER-WEBAPP - Revision : 2
2016-11-01 PHP exif_process_IFD_in_MAKERNOTE out of bounds read attempt
RuleID : 40297 - Type : FILE-IMAGE - Revision : 3
2016-11-01 PHP exif_process_IFD_in_MAKERNOTE out of bounds read attempt
RuleID : 40296 - Type : FILE-IMAGE - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-14 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2019-1147.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-1aeac808ce.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-791c3cfe21.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-7ebfe1e6f2.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-b6072889db.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-dfe1f0bac6.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-ee6707d519.nasl - Type: ACT_GATHER_INFO
2018-12-17 Name: The remote Debian host is missing a security update.
File: debian_DLA-1608.nasl - Type: ACT_GATHER_INFO
2018-12-11 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4353.nasl - Type: ACT_GATHER_INFO
2018-12-03 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201812-01.nasl - Type: ACT_GATHER_INFO
2018-10-26 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1325.nasl - Type: ACT_GATHER_INFO
2018-10-19 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1090.nasl - Type: ACT_GATHER_INFO
2018-09-27 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1309.nasl - Type: ACT_GATHER_INFO
2018-09-27 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1310.nasl - Type: ACT_GATHER_INFO
2018-09-24 Name: The remote Fedora host is missing a security update.
File: fedora_2018-25100b492c.nasl - Type: ACT_GATHER_INFO
2018-09-20 Name: The remote Debian host is missing a security update.
File: debian_DLA-1509.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1249.nasl - Type: ACT_GATHER_INFO
2018-09-04 Name: The remote Debian host is missing a security update.
File: debian_DLA-1490.nasl - Type: ACT_GATHER_INFO
2018-08-24 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1066.nasl - Type: ACT_GATHER_INFO
2018-08-24 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1067.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0021.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0029.nasl - Type: ACT_GATHER_INFO
2018-08-10 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1224.nasl - Type: ACT_GATHER_INFO
2018-07-06 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4240.nasl - Type: ACT_GATHER_INFO
2018-07-03 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1217.nasl - Type: ACT_GATHER_INFO