[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249966

 
 

909

 
 

195636

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-5465Date: (C)2006-11-03   (M)2023-12-22


Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the (1) htmlentities or (2) htmlspecialchars functions.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1017152
SECTRACK-1017296
2006-0061
20061101-01-P
http://www.securityfocus.com/archive/1/archive/1/450431/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/451098/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/453024/100/0/threaded
http://www.cisco.com/warp/public/707/cisco-air-20070425-http.shtml
http://www.cisco.com/en/US/products/products_security_response09186a008082c4fe.html
BID-20879
SECUNIA-22653
SECUNIA-22685
SECUNIA-22688
SECUNIA-22693
SECUNIA-22713
SECUNIA-22753
SECUNIA-22759
SECUNIA-22779
SECUNIA-22881
SECUNIA-22929
SECUNIA-23139
SECUNIA-23155
SECUNIA-23247
SECUNIA-24606
SECUNIA-25047
ADV-2006-4317
ADV-2006-4749
ADV-2006-4750
ADV-2007-1546
APPLE-SA-2006-11-28
DSA-1206
GLSA-200703-21
MDKSA-2006:196
OpenPKG-SA-2006.028
RHSA-2006:0730
RHSA-2006:0731
RHSA-2006:0736
SUSE-SA:2006:067
TA06-333A
TLSA-2006-38
USN-375-1
http://docs.info.apple.com/article.html?artnum=304829
http://issues.rpath.com/browse/RPL-761
http://support.avaya.com/elmodocs2/security/ASA-2006-245.htm
http://www.hardened-php.net/advisory_132006.138.html
http://www.php.net/releases/5_2_0.php
php-htmlentities-bo(29971)

CPE    13
cpe:/a:php:php:5.1
cpe:/a:php:php:5.0.0
cpe:/a:php:php:5.0.5
cpe:/a:php:php:5.1.4
...

© SecPod Technologies