10 matches found
SUSE CVE-2007-1521
Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the sessionregenerateid function, as demonstrated by calling a userspace error handler or triggering a memory limit violation...
Gentoo Security Advisory GLSA 200705-19 (php)
The remote host is missing updates announced in advisory GLSA 200705-19. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Debian: Security Advisory (DSA-1282-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 6.06 LTS / 6.10 / 7.04 : php5 vulnerabilities (USN-455-1)
Stefan Esser discovered multiple vulnerabilities in the 'Month of PHP bugs'. The substrcompare function did not sufficiently verify its length argument. This might be exploited to read otherwise unaccessible memory, which might lead to information disclosure. CVE-2007-1375 The shared memory shmop...
openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-3289)
This Update fixes numerous vulnerabilities in PHP. Most of them were made public during the 'Month of PHP Bugs'. The vulnerabilities potentially lead to crashes, information leaks or even execution of malicious code. CVE-2007-1380, CVE-2007-0988, CVE-2007-1375, CVE-2007-1454 CVE-2007-1453,...
Mac OS X Multiple Vulnerabilities (Security Update 2007-007)
The remote host is running a version of Mac OS X 10.4 or 10.3 which does not have the security update 2007-007 applied. This update contains several security fixes for the following programs : - bzip2 - CFNetwork - CoreAudio - cscope - gnuzip - iChat - Kerberos - mDNSResponder - PDFKit - PHP -...
USN-455-1: PHP vulnerabilities
Stefan Esser discovered multiple vulnerabilities in the "Month of PHP bugs". The substrcompare function did not sufficiently verify its length argument. This might be exploited to read otherwise unaccessible memory, which might lead to information disclosure. CVE-2007-1375 The shared memory shmop...
[SECURITY] [DSA 1282-1] New php4 packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1282-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 26th, 2006 http://www.debian.org/security/faq -...
DSA-1282-1 php4
Bulletin has no description...
CVE-2007-1521
CVE-2007-1521 is a PHP double-free vulnerability that affects PHP 4.x and 5.x (before 4.4.7 and 5.2.2). The issue allows context-dependent attackers to cause arbitrary code execution by interrupting session_regenerate_id (e.g., via a userspace error handler or memory-limit violation). Public deta...