41 matches found
Linux Distros Unpatched Vulnerability : CVE-2011-0421
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The zipnamelocate function in zipnamelocate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FLUNCHANGED argument, which might...
libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)
No description provided by source. Source: http://securityreason.com/securityalert/8146 libzip 0.9.3 zipnamelocate NULL Pointer Dereference incl PHP 5.3.5 Author: Maksymilian Arciemowicz http://securityreason.com/ http://cxib.net/ Date: - Dis.: 03.01.2011 - Pub.: 18.03.2011 CVE: CVE-2011-0421 CER...
openSUSE Security Update : libzip-devel (openSUSE-SU-2011:0449-1)
empty zip archives could crash programs using libzip CVE-2011-0421. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libzip-devel-4188. The text description of this plugin is C SUSE LLC...
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0645-1)
This php5 update fixes : - CVE-2011-0421: CVSS v2 Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P: Input Validation CWE-20 - CVE-2011-1092: CVSS v2 Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P: Numeric Errors CWE-189 - CVE-2011-1148: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P: Resource Managemen...
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0645-1)
This php5 update fixes : - CVE-2011-0421: CVSS v2 Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P: Input Validation CWE-20 - CVE-2011-1092: CVSS v2 Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P: Numeric Errors CWE-189 - CVE-2011-1148: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P: Resource Managemen...
openSUSE Security Update : libzip-devel (openSUSE-SU-2011:0449-1)
empty zip archives could crash programs using libzip CVE-2011-0421. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libzip-devel-4188. The text description of this plugin is C SUSE LLC...
Slackware: Security Advisory (SSA:2011-210-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PHP 5.3 < 5.3.6 Multiple Vulnerabilities
PHP is prone to multiple vulnerabilities. Copyright C 2012 NopSec Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or...
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7553)
This update for PHP5 fixes the following security issues : - Input Validation in the ZIP extension and NumberFormatter. CWE-20, CVE-2011-0421 / CVE-2011-1470 / CVE-2011-1467 - Numeric Errors in the SHM support and ZIP extension. CWE-189, CVE-2011-1092 / CVE-2011-1471 - Buffer overflows in the...
Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)
This host is missing an important security update according to Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Debian Security Advisory DSA 2266-1 (php5)
The remote host is missing an update to php5 announced via advisory DSA 2266-1. OpenVAS Vulnerability Test $Id: deb22661.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2266-1 php5 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...
Debian: Security Advisory (DSA-2266-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] libpng
New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: patches/packages/libpng-1.4.8-i486-1slack13.37.txz: Upgraded. Fixed uninitializ...
Debian DSA-2266-1 : php5 - several vulnerabilities
Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code. - CVE-2010-2531 An information leak was found in the varexport function. - CVE-2011-0421 The Zip module could crash. - CVE-2011-0708 An integer overflow was...
[SECURITY] [DSA 2262-2] php5 update
------------------------------------------------------------------------- Debian Security Advisory DSA-2266-2 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 01, 2011 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2266-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2266-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 29, 2011 http://www.debian.org/security/faq -...
SuSE 11.1 Security Update : PHP5 (SAT Patch Number 4663)
This PHP5 update fixes : - CVE-2011-0421: CVSS v2 Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P: Input Validation CWE-20 - CVE-2011-1092: CVSS v2 Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P: Numeric Errors CWE-189 - CVE-2011-1148: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P: Resource Managemen...
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 / 11.04 : php5 regressions (USN-1126-2)
USN 1126-1 fixed several vulnerabilities in PHP. The fix for CVE-2010-4697 introduced an incorrect reference counting regression in the Zend engine that caused the PHP interpreter to segfault. This regression affects Ubuntu 6.06 LTS and Ubuntu 8.04 LTS. The fixes for CVE-2011-1072 and CVE-2011-11...
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 / 11.04 : php5 vulnerabilities (USN-1126-1)
Stephane Chazelas discovered that the /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. CVE-2011-0441 Raphael Geisert and Dan Rosenberg discovered that the PEAR installer allows local users to overwrite...
FreeBSD Ports: php5-zip
The remote host is missing an update to the system as announced in the referenced advisory. VID fe853666-56ce-11e0-9668-001fd0d616cf OpenVAS Vulnerability Test $ Description: Auto generated from VID fe853666-56ce-11e0-9668-001fd0d616cf Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...