96 matches found
CVE-2009-1990
CVE-2009-1990 affects Oracle Application Server BI Enterprise Edition (Business Intelligence Enterprise Edition component) in Oracle Application Server 10.1.3.4.1. The Oracle CPU/Oracle Application Server risk matrix lists this as a local vulnerability with confidentiality impact Partial and no e...
Gentoo Security Advisory GLSA 200605-08 (php)
The remote host is missing updates announced in advisory GLSA 200605-08. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2008-1990
creationtimestamp| type| source ---|---|--- 2008-04-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/5478...
openSUSE 10 Security Update : php5 (php5-1590)
This update fixes the following security issues: - invalid charactes in session names were not blocked - a bug in zendhashdel allowed attackers to prevent unsetting of some variables - bugs in the substrcompare and wordwrap function could crash php CVE-2006-1991, CVE-2006-1990 - a memory leak in...
CVE-2007-1990
The provided connected documents confirm a PHP remote file inclusion vulnerability in Sam Crew MyBlog (games.php) affecting versions 1.0–1.6. The flaw allows an attacker to retrieve arbitrary PHP code execution by supplying a crafted URL parameter (scoreid in CVE-2007-1968/2007-1990 entries; also...
Moderate: Red Hat Security Advisory: php security update
Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...
Mandrake Linux Security Advisory : php (MDKSA-2006:091)
An integer overflow in the wordwrap function could allow attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, triggering a heap-based buffer overflow CVE-2006-1990. The substrcompare function in PHP 5.x and 4.4.2 could allow attackers to cause ...
php security update
CentOS Errata and Security Advisory CESA-2006:0501-02 Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting...
Moderate: Red Hat Security Advisory: php security update
Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server...
CVE-2006-1990
CVE-2006-1990 affects PHP 4.4.2 and 5.1.2 and is caused by an integer overflow in the wordwrap function in string.c, leading to a heap-based buffer overflow in memcpy. This vulnerability could allow context-dependent attackers to execute arbitrary code. Connected documents reference PHP4/PHP5 adv...
CVE-2005-1990
CVE-2005-1990 affects Internet Explorer 5.0, 5.5, and 6.0. The vulnerability arises from improper instantiation of certain COM objects as ActiveX controls, causing a buffer/memory corruption in the host process and potentially enabling command execution or a crash. Affected components include a s...
MS05-038: Cumulative Security Update for Internet Explorer (896727)
The remote host contains a version of the Internet Explorer that is vulnerable to multiple security flaws JPEG Rendering, Web Folder, COM Object that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and entice a victim to visit this web pag...
CVE-2002-1990
Vulnerability summary: CVE-2002-1990 affects Resin 2.0.5 through 2.1.2. The issue allows remote attackers to reveal physical path information by requesting the example Java class HelloServlet, enabling partial information disclosure. The available sources (NVD/Red Hat/CVE listings) confirm the af...
CVE-2004-1990
Aldo's Web Server (aweb) 1.5 is affected by an information-disclosure vulnerability. Remote attackers can cause the server to reveal the full path and the user running the aweb process via an arbitrary character in a malformed request. Root cause is associated with handling of malformed requests ...
CVE-2004-1990
Aldo's Web Server aweb 1.5 allows remote attackers to gain sensitive information via an arbitrary character, which reveals the full path and the user running the aweb process, possibly due to a malformed request...
CVE-2002-1990
Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL request for the example Java class file HelloServlet...