4 matches found
PHP 5.3.x < 5.3.14 / 5.4.x < 5.4.4 Multiple Vulnerabilities
Binary data 9097.prm...
PHP 'openssl_encrypt()' Function Information Disclosure Vulnerability - Windows
PHP is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
Ubuntu 12.04 LTS : php5 vulnerability (USN-1702-1)
It was discovered that PHP incorrectly handled the opensslencrypt function when used with an empty string. An attacker could use this flaw to cause PHP to disclose arbitrary memory contents and possibly expose sensitive information. Note that Tenable Network Security has extracted the preceding...
CVE-2012-6113
This CVE affects PHP 5.3.9–5.3.13 where the openssl_encrypt() code path in ext/openssl/openssl.c fails to initialize a variable, enabling a remote attacker to read sensitive memory contents by supplying zero-length input data. The issue is a memory disclosure vulnerability. Public references indi...