7 matches found
Debian Security Advisory DSA 1283-1 (php5)
The remote host is missing an update to php5 announced via advisory DSA 1283-1. OpenVAS Vulnerability Test $Id: deb12831.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1283-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Ubuntu 6.06 LTS / 6.10 / 7.04 : php5 vulnerabilities (USN-455-1)
Stefan Esser discovered multiple vulnerabilities in the 'Month of PHP bugs'. The substrcompare function did not sufficiently verify its length argument. This might be exploited to read otherwise unaccessible memory, which might lead to information disclosure. CVE-2007-1375 The shared memory shmop...
openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-3289)
This Update fixes numerous vulnerabilities in PHP. Most of them were made public during the 'Month of PHP Bugs'. The vulnerabilities potentially lead to crashes, information leaks or even execution of malicious code. CVE-2007-1380, CVE-2007-0988, CVE-2007-1375, CVE-2007-1454 CVE-2007-1453,...
USN-455-1: PHP vulnerabilities
Stefan Esser discovered multiple vulnerabilities in the "Month of PHP bugs". The substrcompare function did not sufficiently verify its length argument. This might be exploited to read otherwise unaccessible memory, which might lead to information disclosure. CVE-2007-1375 The shared memory shmop...
CVE-2007-1375
Integer overflow in the substrcompare function in PHP 5.2.1 and earlier allows context-dependent attackers to read sensitive memory via a large value in the length argument, a different vulnerability than CVE-2006-1991...
CVE-2007-1375
CVE-2007-1375 relates to an integer overflow in PHP’s substr_compare function in PHP 5.2.1 and earlier, allowing a context‑dependent attacker to read sensitive memory when a large length argument is processed. The connected advisories (e.g., Ubuntu USN-455-1 and related OpenVAS entries) list CVE-...
CVE-2007-1375
Integer overflow in the substrcompare function in PHP 5.2.1 and earlier allows context-dependent attackers to read sensitive memory via a large value in the length argument, a different vulnerability than CVE-2006-1991...