
8067 matches found

exploitpack
added 2019/01/10 12:0 a.m. | 32 views

PEAR Archive_Tar 1.4.4 - PHP Object Injection

PEAR Archive_Tar 1.4.4 - PHP Object Injection PEAR Archive_Tar temptarname will be called in the destructor method. If another class with useful gadget is loaded, remote code execution may be possible. Steps to reproduce object injection and arbitrary file deletion: 1. Make sure that PHP & PEAR are...

CVSS 6.8 | AI score 0.3 | EPSS 0.18286
Exploits 5
Exploit DB
added 2019/01/10 12:0 a.m. | 83 views

PEAR Archive_Tar < 1.4.4 - PHP Object Injection

PEAR Archive_Tar temptarname will be called in the destructor method. If another class with useful gadget is loaded, remote code execution may be possible. Steps to reproduce object injection and arbitrary file deletion: 1. Make sure that PHP & PEAR are installed. 2. Download vulnerable PEAR...

CVSS 8.8 | AI score 8.4 | EPSS 0.18286
Exploits 5
Packet Storm
added 2019/01/10 12:0 a.m. | 185 views

PEAR Archive_Tar PHP Object Injection

PEAR Archive_Tar temptarname will be called in the destructor method. If another class with useful gadget is loaded, remote code execution may be possible. Steps to reproduce object injection and arbitrary file deletion: 1. Make sure that PHP & PEAR are installed. 2. Download vulnerable PEAR...

AI score 0.3 | EPSS 0.18286
Exploits 5
Mageia
added 2019/01/05 6:30 p.m. | 38 views

Updated php-phpmailer package fixes security vulnerability

Potential object injection vulnerability CVE-2018-19296...

CVSS 8.8 | AI score 3.2 | EPSS 0.02211
Exploits 0 | References 2
OSV
added 2019/01/05 6:30 p.m. | 6 views

MGASA-2019-0010 Updated php-phpmailer package fixes security vulnerability

Potential object injection vulnerability CVE-2018-19296...

CVSS 8.8 | AI score 8.7 | EPSS 0.02211
Exploits 0 | References 3
Tenable Nessus
added 2019/01/03 12:0 a.m. | 39 views

Fedora 28 : php-phpmailer6 (2018-0f5e6e9957)

Version 6.0.6 - SECURITY Fix potential object injection vulnerability. CVE-2018-19296. Reported by Sehun Oh of cyberone.kr. - Added Tagalog translation, thanks to StoneArtz - Added Malagache translation, thanks to Hackinet - Updated Serbian translation, fixed incorrect language code, thanks to...

CVSS 8.8 | AI score 6.5 | EPSS 0.02211
Exploits 0 | References 2
Tenable Nessus
added 2019/01/03 12:0 a.m. | 39 views

Fedora 29 : php-PHPMailer (2018-a2e9bd6eae)

Version 5.2.27 - SECURITY Fix potential object injection vulnerability. CVE-2018-19296. Reported by Sehun Oh of cyberone.kr. Note that the 5.2 branch is deprecated and will not receive security updates after 31st December 2018. Note that Tenable Network Security has extracted the preceding...

CVSS 8.8 | AI score 6.5 | EPSS 0.02211
Exploits 0 | References 2
Tenable Nessus
added 2019/01/03 12:0 a.m. | 40 views

Fedora 28 : php-PHPMailer (2018-f73869d61e)

Version 5.2.27 - SECURITY Fix potential object injection vulnerability. CVE-2018-19296. Reported by Sehun Oh of cyberone.kr. Note that the 5.2 branch is deprecated and will not receive security updates after 31st December 2018. Note that Tenable Network Security has extracted the preceding...

CVSS 8.8 | AI score 6.5 | EPSS 0.02211
Exploits 0 | References 2
OSV
added 2018/12/28 4:29 p.m. | 1 views

DEBIAN-CVE-2018-1000888

PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with $v_header['filename'] as parameter such as file_exists, is_file, is_dir, etc. When extract is called without a specific prefix path, we can trigger...

CVSS 8.8 | AI score 9 | EPSS 0.18286
Exploits 5 | References 1
OSV
added 2018/12/28 4:29 p.m. | 7 views

CVE-2018-1000888

PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with $v_header['filename'] as parameter such as file_exists, is_file, is_dir, etc. When extract is called without a specific prefix path, we can trigger...

CVSS 8.8 | AI score 9.4
Exploits 0 | References 9
Prion
added 2018/12/28 4:29 p.m. | 24 views

Arbitrary file deletion

PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with $v_header['filename'] as parameter such as file_exists, is_file, is_dir, etc. When extract is called without a specific prefix path, we can trigger...

CVSS 6.8 | AI score 8.8 | EPSS 0.18286
Exploits 5 | References 9 | Affected Software 3
OSV
added 2018/12/28 12:0 a.m. | 1 views

UBUNTU-CVE-2018-1000888

PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with $v_header['filename'] as parameter such as file_exists, is_file, is_dir, etc. When extract is called without a specific prefix path, we can trigger...

CVSS 8.8 | AI score 7.8 | EPSS 0.18286
Exploits 5 | References 7
UbuntuCve
added 2018/12/28 12:0 a.m. | 36 views

CVE-2018-1000888

PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with $v_header['filename'] as parameter such as file_exists, is_file, is_dir, etc. When extract is called without a specific prefix path, we can trigger...

CVSS 8.8 | AI score 7.2 | EPSS 0.18286
Exploits 5 | References 6
CVE
added 2018/12/27 6:0 p.m. | 273 views

CVE-2018-1000888

CVE-2018-1000888 affects the PEAR Archive_Tar library (versions 1.4.3 and earlier). The vulnerability arises from unsafe file operations using $v_header['filename'] during extract, which can trigger phar:// based unserialization. This enables PHP object injection and can lead to destructor/wakeup...

CVSS 8.8 | AI score 8.8 | EPSS 0.18286
Exploits 5 | References 9 | Affected Software 1
Debian CVE
added 2018/12/27 6:0 p.m. | 21 views

CVE-2018-1000888

PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with $v_header['filename'] as parameter such as file_exists, is_file, is_dir, etc. When extract is called without a specific prefix path, we can trigger...

CVSS 8.8 | AI score 9 | EPSS 0.18286
Exploits 5
AlpineLinux
added 2018/12/27 6:0 p.m. | 49 views

CVE-2018-1000888

PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with $v_header['filename'] as parameter such as file_exists, is_file, is_dir, etc. When extract is called without a specific prefix path, we can trigger...

CVSS 8.8 | AI score 9.1 | EPSS 0.18286
Exploits 5
OpenVAS
added 2018/12/21 12:0 a.m. | 66 views

ZoneMinder < 1.32.3 Object Injection Vulnerability

ZoneMinder is prone to an object injection vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:zoneminder:zoneminder";...

CVSS 10 | AI score 9.7 | EPSS 0.06422
Exploits 1 | References 5
Veracode
added 2018/12/17 3:30 a.m. | 24 views

Object Injection

WordPress is vulnerable to PHP object injection. The vulnerability exists in the wp_get_attachment_thumb_file function in wp-includes/post.php because the attack can be triggered by inputting manipulated metadata. in the wp_get_attachment_thumb_file function in wp-includes/post.php...

CVSS 9.8 | AI score 9.4 | EPSS 0.30887
Exploits 1 | References 10 | Affected Software 2
Tenable Nessus
added 2018/12/17 12:0 a.m. | 29 views

WordPress 5.0.x < 5.0.1 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Authors could alter meta data to delete files that they weren't authorized to. - Authors could create posts of unauthorized types with specially crafted input. -...

CVSS 9.8 | AI score 7.4 | EPSS 0.30887
Exploits 1 | References 9
Tenable Nessus
added 2018/12/17 12:0 a.m. | 12 views

WordPress 4.4.x < 4.4.17 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - Authors could alter meta data to delete files that they weren't authorized to. - Authors could create posts of unauthorized types with specially crafted input. -...

CVSS 9.8 | AI score 7.4 | EPSS 0.30887
Exploits 1 | References 9