This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Php First view 2012-05-21
Product Php Last view 2020-09-09
Version 5.3.15 Type Application
Update -  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:php:php

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
3.6 2020-09-09 CVE-2020-7068

In PHP versions 7.2.x below 7.2.23, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.

7.5 2020-09-03 CVE-2020-11579

An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.

5.3 2020-05-20 CVE-2019-11048

In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleaning up temporary files created by upload request. This potentially could lead to accumulation of uncleaned temporary files exhausting the disk space on the target server.

7.5 2020-04-27 CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

4.3 2020-04-01 CVE-2020-7066

In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server.

8.8 2020-04-01 CVE-2020-7065

In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.

5.4 2020-04-01 CVE-2020-7064

In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.

5.3 2020-02-27 CVE-2020-7063

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. This may result in files having more lax permissions than intended when such archive is extracted.

7.5 2020-02-27 CVE-2020-7062

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash.

9.1 2020-02-27 CVE-2020-7061

In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.

9.8 2020-02-19 CVE-2014-3622

Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party filter extension that accesses a certain ksep value.

9.1 2020-02-10 CVE-2020-7060

When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.

9.1 2020-02-10 CVE-2020-7059

When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.

8.8 2020-01-15 CVE-2015-6497

The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edition (CE) before 1.9.2.1 and Enterprise Edition (EE) before 1.14.2.1, when used with PHP before 5.4.24 or 5.5.8, allows remote authenticated users to execute arbitrary PHP code via the productData parameter to index.php/api/v2_soap.

6.5 2019-12-23 CVE-2019-11050

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

9.8 2019-12-23 CVE-2019-11049

In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplying custom headers to mail() function, due to mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e, if the header is supplied in lowercase, this can result in double-freeing certain memory locations.

6.5 2019-12-23 CVE-2019-11047

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

7.5 2019-12-23 CVE-2019-11046

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeric by the OS but aren't ASCII numbers. This can read to disclosure of the content of some memory locations.

5.9 2019-12-23 CVE-2019-11045

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.

7.5 2019-12-23 CVE-2019-11044

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.

7.5 2019-11-25 CVE-2019-19246

Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.

7.5 2019-11-13 CVE-2010-4657

PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output.

9.8 2019-10-28 CVE-2019-11043

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

7.1 2019-08-09 CVE-2019-11042

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

7.1 2019-08-09 CVE-2019-11041

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
25% (61) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
12% (29) CWE-125 Out-of-bounds Read
11% (28) CWE-20 Improper Input Validation
5% (14) CWE-416 Use After Free
5% (14) CWE-189 Numeric Errors
5% (13) CWE-190 Integer Overflow or Wraparound
4% (11) CWE-476 NULL Pointer Dereference
4% (11) CWE-200 Information Exposure
3% (9) CWE-787 Out-of-bounds Write
2% (5) CWE-264 Permissions, Privileges, and Access Controls
1% (4) CWE-399 Resource Management Errors
1% (4) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (4) CWE-19 Data Handling
1% (3) CWE-502 Deserialization of Untrusted Data
0% (2) CWE-415 Double Free
0% (2) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
0% (2) CWE-284 Access Control (Authorization) Issues
0% (2) CWE-74 Failure to Sanitize Data into a Different Plane ('Injection')
0% (2) CWE-59 Improper Link Resolution Before File Access ('Link Following')
0% (2) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
0% (1) CWE-772 Missing Release of Resource after Effective Lifetime
0% (1) CWE-770 Allocation of Resources Without Limits or Throttling
0% (1) CWE-754 Improper Check for Unusual or Exceptional Conditions
0% (1) CWE-681 Incorrect Conversion between Numeric Types
0% (1) CWE-384 Session Fixation

SAINT Exploits

Description Link
Horde Imp Unauthenticated Remote Command Execution More info here

ExploitDB Exploits

id Description
30395 PHP openssl_x509_parse() - Memory Corruption Vulnerability

OpenVAS Exploits

id Description
2012-05-23 Name : PHP 'com_print_typeinfo()' Remote Code Execution Vulnerability (Windows)
File : nvt/secpod_php_typeinfo_code_exec_vuln.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-B-0108 Multiple Vulnerabilities in PHP
Severity: Category I - VMSKEY: V0061365
2015-A-0199 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0061337
2014-B-0086 Multiple Vulnerabilities in PHP
Severity: Category I - VMSKEY: V0052897
2014-B-0021 Multiple Vulnerabilities in PHP
Severity: Category I - VMSKEY: V0044541
2014-A-0030 Apple Mac OS X Security Update 2014-001
Severity: Category I - VMSKEY: V0044547
2013-A-0179 Apple Mac OS X Security Update 2013-004
Severity: Category I - VMSKEY: V0040373
2013-B-0093 Multiple Vulnerabilities in PHP
Severity: Category I - VMSKEY: V0040108

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-07-30 PHP php_strip_tags_ex function out-of-bounds read attempt
RuleID : 54406 - Type : SERVER-WEBAPP - Revision : 1
2020-07-30 PHP php_strip_tags_ex function out-of-bounds read attempt
RuleID : 54405 - Type : SERVER-WEBAPP - Revision : 1
2020-01-14 PHP malformed quoted printable denial of service attempt
RuleID : 52454 - Type : SERVER-WEBAPP - Revision : 1
2019-12-10 PHP FPM env_path_info buffer underflow attempt
RuleID : 52123 - Type : SERVER-WEBAPP - Revision : 1
2019-11-19 PHP tag depth heap memory corruption attempt
RuleID : 51930 - Type : SERVER-WEBAPP - Revision : 1
2019-10-23 PHP http fopen stack buffer overflow attempt
RuleID : 51578 - Type : SERVER-WEBAPP - Revision : 1
2019-05-07 PHP gdImageColorMatch heap buffer overflow file download attempt
RuleID : 49673 - Type : SERVER-OTHER - Revision : 1
2019-05-07 PHP gdImageColorMatch heap buffer overflow file upload attempt
RuleID : 49672 - Type : SERVER-OTHER - Revision : 1
2018-12-11 CVE PHP infinite loop from use of stream filter and convert.iconv file upload...
RuleID : 48354 - Type : SERVER-WEBAPP - Revision : 2
2018-06-26 PHP .phar cross site scripting attempt
RuleID : 46808 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13 PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44749 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13 PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44748 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13 PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44747 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13 PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44746 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13 PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44745 - Type : SERVER-WEBAPP - Revision : 2
2017-12-13 PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption a...
RuleID : 44744 - Type : SERVER-WEBAPP - Revision : 2
2017-10-24 PHP form-based file upload DoS attempt
RuleID : 44390 - Type : SERVER-WEBAPP - Revision : 2
2017-09-19 PHP malformed quoted printable denial of service attempt
RuleID : 44001 - Type : SERVER-WEBAPP - Revision : 2
2017-08-23 PHP core unserialize use after free attempt
RuleID : 43668 - Type : SERVER-WEBAPP - Revision : 2
2017-07-18 Oniguruma expression parser out of bounds write attempt
RuleID : 43182 - Type : FILE-OTHER - Revision : 2
2017-07-18 Oniguruma expression parser out of bounds write attempt
RuleID : 43181 - Type : FILE-OTHER - Revision : 2
2017-03-28 PHP Exception Handling remote denial of service attempt
RuleID : 41690 - Type : SERVER-OTHER - Revision : 2
2017-03-28 PHP Exception Handling remote denial of service attempt
RuleID : 41689 - Type : SERVER-OTHER - Revision : 2
2017-02-23 PHP ZipArchive getFromIndex and getFromName integer overflow attempt
RuleID : 41384 - Type : SERVER-WEBAPP - Revision : 2
2017-02-23 PHP ZipArchive getFromIndex and getFromName integer overflow attempt
RuleID : 41383 - Type : SERVER-WEBAPP - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-14 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2019-1147.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-1aeac808ce.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-791c3cfe21.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-7ebfe1e6f2.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-b6072889db.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-dfe1f0bac6.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-ee6707d519.nasl - Type: ACT_GATHER_INFO
2018-12-17 Name: The remote Debian host is missing a security update.
File: debian_DLA-1608.nasl - Type: ACT_GATHER_INFO
2018-12-11 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4353.nasl - Type: ACT_GATHER_INFO
2018-12-03 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201812-01.nasl - Type: ACT_GATHER_INFO
2018-10-26 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1325.nasl - Type: ACT_GATHER_INFO
2018-10-19 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1090.nasl - Type: ACT_GATHER_INFO
2018-09-27 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1309.nasl - Type: ACT_GATHER_INFO
2018-09-27 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1310.nasl - Type: ACT_GATHER_INFO
2018-09-24 Name: The remote Fedora host is missing a security update.
File: fedora_2018-25100b492c.nasl - Type: ACT_GATHER_INFO
2018-09-20 Name: The remote Debian host is missing a security update.
File: debian_DLA-1509.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1249.nasl - Type: ACT_GATHER_INFO
2018-09-04 Name: The remote Debian host is missing a security update.
File: debian_DLA-1490.nasl - Type: ACT_GATHER_INFO
2018-08-24 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1066.nasl - Type: ACT_GATHER_INFO
2018-08-24 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1067.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0021.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0029.nasl - Type: ACT_GATHER_INFO
2018-08-10 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1224.nasl - Type: ACT_GATHER_INFO
2018-07-06 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4240.nasl - Type: ACT_GATHER_INFO
2018-07-03 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1217.nasl - Type: ACT_GATHER_INFO