7 matches found
SUSE CVE-2007-2728
The soap extension in PHP calls phprandr with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcryptcreateiv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid security issue...
Ubuntu: Security Advisory (USN-485-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 3980)
This update fixes multiple bugs in php : - predictable generaton of an initialization vector IV in the mcrypt extension - additional cookie attributes could be injected via a session id - specially crafted files could cause integer overflows in gd and leverage them to at least crash gd based...
openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-3979)
This update fixes multiple bugs in php : - predictable generaton of an initialization vector IV in the mcrypt extension - additional cookie attributes could be injected via a session id - specially crafted files could cause integer overflows in gd and leverage them to at least crash gd based...
openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-3978)
This update fixes multiple bugs in php : - predictable generaton of an initialization vector IV in the mcrypt extension - additional cookie attributes could be injected via a session id - specially crafted files could cause integer overflows in gd and leverage them to at least crash gd based...
CVE-2007-2728
The soap extension in PHP calls phprandr with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcryptcreateiv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid security issue...
CVE-2007-2728
CVE-2007-2728 concerns the PHP soap extension calling php_rand_r with an uninitialized seed variable. The impact and attack vectors are not clearly defined in the provided documents; it is noted as related to CVE-2007-2727 and the PHP team argued it is not a valid security issue. No exploitation ...