2 matches found
php: heap-based buffer over-read in DateInterval
A buffer over-read flaw was found in the way the DateInterval class parsed interval specifications. An attacker able to make a PHP application parse a specially crafted specification using DateInterval could possibly cause the PHP interpreter to crash...
MIT Kerberos 5 ksu may allow either the '-r' or '-l' time-interval parameter to overflow the stack with the characters ''d', 'h', 'm', or 's'
Overview Description From the reporter: Time-interval parsing for the "-r" and "-l" command-line options calls a library routine which uses sscanf"%d%d" and passes the address of an automatic int variable to correspond to the second %-sequence. But the % sequence needs an arbitrarily large string...