Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2007/12/13 12:0 a.m.48 views

SuSE 10 Security Update : PHP5 (ZYPP Patch Number 3754)

The following issues have been fixed : - missing openbasedir and safemode restriction. CVE-2007-3007 - chunksplit integer overflow. CVE-2007-2872 - DoS condition in libgd's image processing. CVE-2007-2756 - possible super-global overwrite inside importrequestvariables. CVE-2007-1396 - buffer...

7.5CVSS7AI score0.18162EPSS
Exploits1References20
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.34 views

openSUSE 10 Security Update : php5 (php5-3753)

The following issues have been fixed in PHP, which were spotted by the MOPB project or fixed in PHP 5.2.3 release : - missing openbasedir and safemode restriction CVE-2007-3007 - chunksplit integer overflow CVE-2007-2872 - DoS condition in libgd's image processing CVE-2007-2756 - possible...

7.5CVSS7AI score0.18162EPSS
Exploits1References10
CVE
CVE
added 2007/03/10 10:0 p.m.76 views

CVE-2007-1396

The CVE-2007-1396 entry describes a vulnerability in PHP where import_request_variables (PHP 4.0.7–4.4.6 and 5.x before 5.2.2) can overwrite superglobals (GET, POST, COOKIE, FILES, SERVER, SESSION, etc.) when called without a prefix, enabling remote attackers to spoof source IP and Referer data a...

6.8CVSS7.5AI score0.01864EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2007/03/10 10:0 p.m.32 views

CVE-2007-1396

The importrequestvariables function in PHP 4.0.7 through 4.4.6, and 5.x before 5.2.2, when called without a prefix, does not prevent the 1 GET, 2 POST, 3 COOKIE, 4 FILES, 5 SERVER, 6 SESSION, and other superglobals from being overwritten, which allows remote attackers to spoof source IP address a...

7.6AI score0.01864EPSS
Exploits0References10
Rows per page
Query Builder