3 matches found
CRLF Injection
Overview Affected versions of this package are vulnerable to CRLF Injection via the settingsToParameters process. An attacker can execute arbitrary code and alter the configuration of child processes by injecting newline characters into PHP INI values that are forwarded to child processes. This...
CVE-2010-0664
Google Chrome prior to version 4.0.249.78 is affected by a stack consumption vulnerability in ChildProcessSecurityPolicy::CanRequestURL. The issue allows remote attackers to trigger memory consumption and a crash by supplying a URL that uses multiple protocols (e.g., repeated view-source: sequenc...
Linux kernel in/out ports access
Mask for input/output permissions is not cleared for child process. It may lead to unauthorized access to i/o ports...