7.5

CVE-2006-5465

Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpPhp Version <= 5.1.6
PhpPhp Version5.0 Updaterc1
PhpPhp Version5.0 Updaterc2
PhpPhp Version5.0 Updaterc3
PhpPhp Version5.0.0
PhpPhp Version5.0.1
PhpPhp Version5.0.2
PhpPhp Version5.0.3
PhpPhp Version5.0.4
PhpPhp Version5.0.5
PhpPhp Version5.1.0
PhpPhp Version5.1.1
PhpPhp Version5.1.2
PhpPhp Version5.1.3
PhpPhp Version5.1.4
PhpPhp Version5.1.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.51% 0.937
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P
http://secunia.com/advisories/22929
http://www.turbolinux.com/security/2006/TLSA-2006-38.txt
http://secunia.com/advisories/22713
http://www.debian.org/security/2006/dsa-1206
http://docs.info.apple.com/article.html?artnum=304829
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
http://secunia.com/advisories/23155
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
US Government Resource
http://www.vupen.com/english/advisories/2006/4750
http://rhn.redhat.com/errata/RHSA-2006-0736.html
http://secunia.com/advisories/23247
http://secunia.com/advisories/22685
http://www.trustix.org/errata/2006/0061/
http://issues.rpath.com/browse/RPL-761
http://secunia.com/advisories/22653
http://secunia.com/advisories/22688
http://secunia.com/advisories/22693
http://secunia.com/advisories/22753
http://secunia.com/advisories/22759
http://secunia.com/advisories/22779
http://secunia.com/advisories/22881
http://secunia.com/advisories/23139
http://secunia.com/advisories/24606
http://secunia.com/advisories/25047
http://security.gentoo.org/glsa/glsa-200703-21.xml
http://securitytracker.com/id?1017152
http://securitytracker.com/id?1017296
http://support.avaya.com/elmodocs2/security/ASA-2006-245.htm
http://www.cisco.com/en/US/products/products_security_response09186a008082c4fe.html
http://www.cisco.com/warp/public/707/cisco-air-20070425-http.shtml
http://www.hardened-php.net/advisory_132006.138.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:196
http://www.novell.com/linux/security/advisories/2006_67_php.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.028.html
http://www.php.net/releases/5_2_0.php
http://www.redhat.com/support/errata/RHSA-2006-0730.html
http://www.redhat.com/support/errata/RHSA-2006-0731.html
http://www.securityfocus.com/archive/1/450431/100/0/threaded
http://www.securityfocus.com/archive/1/451098/100/0/threaded
http://www.securityfocus.com/archive/1/453024/100/0/threaded
http://www.securityfocus.com/bid/20879
http://www.ubuntu.com/usn/usn-375-1
http://www.vupen.com/english/advisories/2006/4317
http://www.vupen.com/english/advisories/2006/4749
http://www.vupen.com/english/advisories/2007/1546
https://exchange.xforce.ibmcloud.com/vulnerabilities/29971
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10240