Search for packages
| purl | pkg:rpm/redhat/php@5.1.6-44?arch=el5_10 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2jhf-j64s-gygy
Aliases: CVE-2009-0689 |
Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines. Using this vulnerability an attacker could craft some malicious JavaScript code containing a very long string to be converted to a floating point number which would result in improper memory allocation and the execution of an arbitrary memory location. This vulnerability could thus be leveraged by the attacker to run arbitrary code on a victim's computer.Update: The underlying flaw in the dtoa routines used by Mozilla appears to be essentially the same as that reported against the libc gdtoa routine by Maksymilian Arciemowicz. | There are no reported fixed by versions. |
|
VCID-c9kd-927x-5ket
Aliases: CVE-2006-7243 |
Multiple vulnerabilities were found in PHP, the worst of which leading to remote execution of arbitrary code. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T15:00:11.564977+00:00 | RedHat Importer | Affected by | VCID-c9kd-927x-5ket | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7243.json | 38.0.0 |
| 2026-04-01T14:57:28.999611+00:00 | RedHat Importer | Affected by | VCID-2jhf-j64s-gygy | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0689.json | 38.0.0 |