Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2010/04/23 12:0 a.m.29 views

PHP Session Data Deserialization Arbitrary Code Execution Vulnerability

PHP is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescriptio...

7.5CVSS7.7AI score0.09233EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.54 views

Gentoo Security Advisory GLSA 200705-19 (php)

The remote host is missing updates announced in advisory GLSA 200705-19. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

7.8CVSS1.1AI score0.40435EPSS
Exploits14
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.50 views

Ubuntu 6.06 LTS / 6.10 / 7.04 : php5 vulnerabilities (USN-455-1)

Stefan Esser discovered multiple vulnerabilities in the 'Month of PHP bugs'. The substrcompare function did not sufficiently verify its length argument. This might be exploited to read otherwise unaccessible memory, which might lead to information disclosure. CVE-2007-1375 The shared memory shmop...

7.8CVSS6.2AI score0.10028EPSS
Exploits10References14
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.43 views

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-3289)

This Update fixes numerous vulnerabilities in PHP. Most of them were made public during the 'Month of PHP Bugs'. The vulnerabilities potentially lead to crashes, information leaks or even execution of malicious code. CVE-2007-1380, CVE-2007-0988, CVE-2007-1375, CVE-2007-1454 CVE-2007-1453,...

7.8CVSS5.5AI score0.10028EPSS
Exploits12References18
Ubuntu
Ubuntu
added 2007/04/27 9:10 p.m.88 views

USN-455-1: PHP vulnerabilities

Stefan Esser discovered multiple vulnerabilities in the "Month of PHP bugs". The substrcompare function did not sufficiently verify its length argument. This might be exploited to read otherwise unaccessible memory, which might lead to information disclosure. CVE-2007-1375 The shared memory shmop...

7.8CVSS6.1AI score0.10028EPSS
Exploits9
CVE
CVE
added 2007/03/27 1:0 a.m.85 views

CVE-2007-1700

CVE-2007-1700 describes a vulnerability in PHP where the session extension pre-4.4.5 (and pre-5.2.1) incorrectly calculates the session variable reference count, failing to account for the internal pointer in the session globals. This can allow context-dependent attackers to execute arbitrary cod...

7.5CVSS7.6AI score0.09017EPSS
Exploits1References17Affected Software1
Rows per page
Query Builder