7 matches found
SuSE 11 / 11.1 Security Update : Apache 2 (SAT Patch Numbers 2880 / 2881)
PHP was updated to version 5.2.14 to fix serveral security issues : - CVE-2010-1860 - CVE-2010-1862 - CVE-2010-1864 - CVE-2010-1914 - CVE-2010-1915 - CVE-2010-1917 - CVE-2010-2093 - CVE-2010-2094 - CVE-2010-2097 - CVE-2010-2100 - CVE-2010-2101 - CVE-2010-2190 - CVE-2010-2191 - CVE-2010-2225 -...
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0678-1)
PHP was updated to version 5.2.14 to fix several security issues : - CVE-2010-1860 - CVE-2010-1862 - CVE-2010-1864 - CVE-2010-1914 - CVE-2010-1915 - CVE-2010-1917 - CVE-2010-2093 - CVE-2010-2094 - CVE-2010-2097 - CVE-2010-2100 - CVE-2010-2101 - CVE-2010-2190 - CVE-2010-2191 - CVE-2010-2225 -...
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:0599-1)
PHP was updated to version 5.3.3 to fix serveral security issues. CVE-2010-0397, CVE-2010-1860, CVE-2010-1862, CVE-2010-1864, CVE-2010-1866, CVE-2010-1914, CVE-2010-1915, CVE-2010-1917, CVE-2010-2093, CVE-2010-2094, CVE-2010-2097, CVE-2010-2100, CVE-2010-2101, CVE-2010-2190, CVE-2010-2191,...
PHP 5.2 < 5.2.14 Multiple Vulnerabilities
According to its banner, the version of PHP 5.2 installed on the remote host is older than 5.2.14. Such versions may be affected by several security issues : - An error exists when processing invalid XML-RPC requests that can lead to a NULL pointer dereference. bug 51288 CVE-2010-0397 - An error...
PHP http_build_query()函数中断处理地址信息泄露漏洞
CVE ID: CVE-2010-2100 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP的httpbuildquery函数中存在信息泄露漏洞: PHPFUNCTIONhttpbuildquery zval formdata; char prefix = NULL, argsep=NULL; int argseplen = 0, prefixlen = 0; smartstr formstr = 0; if zendparseparametersZENDNUMARGS TSRMLSCC, "z|ss", &formdata, &prefix,...
PHP str_getcsv()函数中断处理地址信息泄露漏洞
CVE ID: CVE-2010-2100 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP的strgetcsv函数中存在信息泄露漏洞: PHPFUNCTIONstrgetcsv char str, delim = ',', enc = '"', esc = ''; char delimstr = NULL, encstr = NULL, escstr = NULL; int strlen = 0, delimlen = 0, enclen = 0, esclen = 0; if zendparseparametersZENDNUMARGS...
PHP htmlentities()和htmlspecialchars()函数中断处理地址信息泄露漏洞
CVE ID: CVE-2010-2100 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP的htmlentities及htmlspecialchars函数中存在信息泄露漏洞: static void phphtmlentitiesINTERNALFUNCTIONPARAMETERS, int all char str, hintcharset = NULL; int strlen, hintcharsetlen = 0; int len; long quotestyle = ENTCOMPAT; char replaced; zendbool...