74 matches found
Type confusion
The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the 1...
Type confusion
The makehttpsoaprequest function in ext/soap/phphttp.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not properly retrieve keys, which allows remote attackers to cause a denial of service NULL pointer dereference, type confusion, and application crash or possibly execute...
CVE-2015-4600
CVE-2015-4600 affects PHP SoapClient: vulnerable in PHP versions prior to 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8. Root cause is a type confusion in SoapClient methods (getLastRequest/Response, getLastRequestHeaders/ResponseHeaders, getCookies, setCookie). Impact per the description: ...
CVE-2015-4600
The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the 1...
CVE-2016-3185
Removed by vendor...
openSUSE Security Update : php5 (openSUSE-2016-517)
This update for php5 fixes the following security issues : - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM bnc973792. - CVE-2015-8835: SoapClient scall method suffered from a type confusion issue that could have lead to crashes bsc973351 - CVE-2016-2554: A NULL pointer dereference in...
PHP < 5.4.45, 5.5.x < 5.5.29, 5.6.x < 5.6.13 RCE Vulnerability (Mar 2016) - Windows
PHP is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if descripti...
PHP < 5.4.45, 5.5.x < 5.5.29, 5.6.x < 5.6.13 RCE Vulnerability (Mar 2016) - Linux
PHP is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if descripti...
CVE-2015-6836
The SoapClient call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "type confusion" in the serializefunctioncall...
Type confusion
The SoapClient call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "type confusion" in the serializefunctioncall...
CVE-2015-6836
The SoapClient call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "type confusion" in the serializefunctioncall...
CVE-2015-6836
CVE-2015-6836 affects PHP by the SoapClient::__call path in ext/soap/soap.c. The headers handling is insufficiently validated, allowing a crafted serialized payload to trigger a type confusion in serialize_function_call, enabling remote code execution. Affected PHP versions are pre-5.4.45, pre-5....
KLA10746 Multiple vulnerabilities in PHP
Multiple serious vulnerabilities have been found in PHP. Malicious users can exploit these vulnerabilities to cause denial of service, affect arbitrary files, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple integer overflows can be...
SMF (Simple Machine Forum) 2.0.10 Remote Memory Exfiltration
!/usr/bin/python -- coding: iso-8859-15 -- Title: SMF Simple Machine Forum Filippo Roncari Truel Lab http://lab.truel.it Requirements: SMF = 2.0.10 PHP = 5.6.11 / 5.5.27 / 5.4.43 Advisories: TL-2015-PHP04 http://lab.truel.it/d/advisories/TL-2015-PHP04.txt TL-2015-PHP06...
CVE-2015-6836
The SoapClient call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "type confusion" in the serializefunctioncall...
FreeBSD : php5 -- multiple vulnerabilities (787ef75e-44da-11e5-93ad-002590263bf5)
The PHP project reports : Core : - Fixed bug 69793 Remotely triggerable stack exhaustion via recursive method calls. - Fixed bug 70121 unserialize could lead to unexpected methods execution / NULL pointer deref. OpenSSL : - Fixed bug 70014 opensslrandompseudobytes is not cryptographically secure...
php: SoapClient's do_soap_call() type confusion after unserialize()
A flaws was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrary code...
CVE-2015-4600
The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the 1...
openSUSE Security Update : php5 (openSUSE-2015-419)
PHP was updated to fix one security issue. The following vulnerability was fixed : - CVE-2015-4148: A type confusion flay in SoapClient could lead to information disclosure bnc933227 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
SUSE SLES11 Security Update : php53 (SUSE-SU-2015:1018-1)
PHP 5.3 was updated to fix multiple security issues : bnc931776: pcntlexec does not check path validity CVE-2015-4026 bnc931772: overflow in ftpgenlist resulting in heap overflow CVE-2015-4022 bnc931769: memory corruption in pharparsetarfile when entry filename starts with NULL CVE-2015-4021...