Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-9eh9-q3yg-57e9
Vulnerability ID VCID-9eh9-q3yg-57e9
Aliases CVE-2006-5465
Summary PHP contains several vulnerabilities including a heap buffer overflow, potentially leading to the remote execution of arbitrary code under certain conditions.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.41876 https://api.first.org/data/v1/epss?cve=CVE-2006-5465
epss 0.41876 https://api.first.org/data/v1/epss?cve=CVE-2006-5465
epss 0.41876 https://api.first.org/data/v1/epss?cve=CVE-2006-5465
epss 0.41876 https://api.first.org/data/v1/epss?cve=CVE-2006-5465
epss 0.41876 https://api.first.org/data/v1/epss?cve=CVE-2006-5465
epss 0.41876 https://api.first.org/data/v1/epss?cve=CVE-2006-5465
epss 0.41876 https://api.first.org/data/v1/epss?cve=CVE-2006-5465
epss 0.41876 https://api.first.org/data/v1/epss?cve=CVE-2006-5465
epss 0.41876 https://api.first.org/data/v1/epss?cve=CVE-2006-5465
epss 0.41876 https://api.first.org/data/v1/epss?cve=CVE-2006-5465
epss 0.41876 https://api.first.org/data/v1/epss?cve=CVE-2006-5465
epss 0.41876 https://api.first.org/data/v1/epss?cve=CVE-2006-5465
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2006-5465
Reference id Reference type URL
ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P
http://docs.info.apple.com/article.html?artnum=304829
http://issues.rpath.com/browse/RPL-761
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
http://rhn.redhat.com/errata/RHSA-2006-0736.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5465.json
https://api.first.org/data/v1/epss?cve=CVE-2006-5465
http://secunia.com/advisories/22653
http://secunia.com/advisories/22685
http://secunia.com/advisories/22688
http://secunia.com/advisories/22693
http://secunia.com/advisories/22713
http://secunia.com/advisories/22753
http://secunia.com/advisories/22759
http://secunia.com/advisories/22779
http://secunia.com/advisories/22881
http://secunia.com/advisories/22929
http://secunia.com/advisories/23139
http://secunia.com/advisories/23155
http://secunia.com/advisories/23247
http://secunia.com/advisories/24606
http://secunia.com/advisories/25047
http://security.gentoo.org/glsa/glsa-200703-21.xml
http://securitytracker.com/id?1017152
http://securitytracker.com/id?1017296
https://exchange.xforce.ibmcloud.com/vulnerabilities/29971
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10240
http://support.avaya.com/elmodocs2/security/ASA-2006-245.htm
http://www.cisco.com/en/US/products/products_security_response09186a008082c4fe.html
http://www.cisco.com/warp/public/707/cisco-air-20070425-http.shtml
http://www.debian.org/security/2006/dsa-1206
http://www.hardened-php.net/advisory_132006.138.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:196
http://www.novell.com/linux/security/advisories/2006_67_php.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.028.html
http://www.php.net/releases/5_2_0.php
http://www.redhat.com/support/errata/RHSA-2006-0730.html
http://www.redhat.com/support/errata/RHSA-2006-0731.html
http://www.securityfocus.com/archive/1/450431/100/0/threaded
http://www.securityfocus.com/archive/1/451098/100/0/threaded
http://www.securityfocus.com/archive/1/453024/100/0/threaded
http://www.securityfocus.com/bid/20879
http://www.trustix.org/errata/2006/0061/
http://www.turbolinux.com/security/2006/TLSA-2006-38.txt
http://www.ubuntu.com/usn/usn-375-1
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
http://www.vupen.com/english/advisories/2006/4317
http://www.vupen.com/english/advisories/2006/4749
http://www.vupen.com/english/advisories/2006/4750
http://www.vupen.com/english/advisories/2007/1546
213732 https://bugzilla.redhat.com/show_bug.cgi?id=213732
cpe:2.3:a:php:php:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc1:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc2:*:*:*:*:*:*
cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc3:*:*:*:*:*:*
cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.4:*:*:*:*:*:*:*
cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.5:*:*:*:*:*:*:*
CVE-2006-5465 https://nvd.nist.gov/vuln/detail/CVE-2006-5465
GLSA-200703-21 https://security.gentoo.org/glsa/200703-21
RHSA-2006:0730 https://access.redhat.com/errata/RHSA-2006:0730
RHSA-2006:0731 https://access.redhat.com/errata/RHSA-2006:0731
RHSA-2006:0736 https://access.redhat.com/errata/RHSA-2006:0736
USN-375-1 https://usn.ubuntu.com/375-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2006-5465
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.974
EPSS Score 0.41876
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:01:36.711438+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/200703-21 38.0.0