Mageia: Security Advisory (MGASA-2014-0162)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exifthumbnail function to crash or, possibly, execute arbitrary code...

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exifthumbnail function to crash or, possibly, execute arbitrary code...

Fedora 29 : php (2019-da36d5d484)

PHP version 7.2.17 04 Apr 2019 Core: - Fixed bug php77738 Nullptr deref in zendcompileexpr. Laruence - Fixed bug php77660 Segmentation fault on break 2147483648. Laruence - Fixed bug php77652 Anonymous classes can lose their interface information. Nikita - Fixed bug php77676 Unable to run tests...

Apache 2.4.17 2.4.38 - apache2ctl graceful logrotate Local Privilege Escalation

Apache 2.4.17 2.4.38 - apache2ctl graceful logrotate Local Privilege Escalation ?php CARPE DIEM: CVE-2019-0211 Apache Root Privilege Escalation Charles Fol @cfreal 2019-04-08 INFOS https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html USAGE 1. Upload exploit to Apache HTTP serv...

CARPE (DIEM) Apache 2.4.x Local Privilege Escalation

?php CARPE DIEM: CVE-2019-0211 Apache Root Privilege Escalation Charles Fol @cfreal 2019-04-08 INFOS https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html USAGE 1. Upload exploit to Apache HTTP server 2. Send request to page 3. Await 6:25AM for logrotate to restart Apache 4...

Denial Of Service (DoS)

php is vulnerable to denial of service DoS attacks. The vulnerability exists as the scan function in ext/date/lib/parseisointervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service heap-based buffer...

Fedora 27 : php (2018-6f37f99641)

PHP version 7.1.20 19 Jul 2018 Core: - Fixed bug php76534 PHP hangs on 'illegal string offset on string references with an error handler. Laruence - Fixed bug php76502 Chain of mixed exceptions and errors does not serialize properly. Nikita Date: - Fixed bug php76462 Undefined property:...

MyBB 1.8.3 Remote Code Execution Exploit

Exploit for php platform in category web applications GMP Deserialization Type Confusion Vulnerability MyBB - Write Date: 2015.4.28 - Release Date: 2017.1.20 A type-confusion vulnerability was discovered in GMP deserialization with crafted object's wakeup magic method that can be abused for...

PHP 5.6.x / MyBB 1.8.3 Remote Code Execution

GMP Deserialization Type Confusion Vulnerability MyBB - Write Date: 2015.4.28 - Release Date: 2017.1.20 A type-confusion vulnerability was discovered in GMP deserialization with crafted object's wakeup magic method that can be abused for updating any already assigned properties of any already...

MyBB 1.8.3 (with PHP 5.6 5.6.11) - Remote Code Execution

MyBB 1.8.3 with PHP 5.6 5.6.11 - Remote Code Execution GMP Deserialization Type Confusion Vulnerability MyBB - Write Date: 2015.4.28 - Release Date: 2017.1.20 A type-confusion vulnerability was discovered in GMP deserialization with crafted object's wakeup magic method that can be abused for...

Internet Bug Bounty: GMP Deserialization Type Confusion Vulnerability [MyBB <= 1.8.3 RCE Vulnerability]

GMP Deserialization Type Confusion Vulnerability MyBB - Write Date: 2015.4.28 A type-confusion vulnerability was discovered in GMP deserialization with crafted object's wakeup magic method that can be abused for updating any already assigned properties of any already created objects, this result ...

Code injection

PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::toString with DateInterval::wakeup...

CVE-2016-9138

PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::toString with DateInterval::wakeup...

SUSE SLES11 Security Update : PHP5 (SUSE-SU-2014:0064-1)

This update fixes the following issues : - memory corruption in opensslparsex509 CVE-2013-6420 - Heap buffer over-read in DateInterval CVE-2013-6712 - man-in-the-middle attacks by specially crafting certificates CVE-2013-4248 Note that Tenable Network Security has extracted the preceding...

PHP DateInterval unserialize() function memory misreference vulnerability

PHP DateInterval is an application to get the number of intervals between the system time and a specified time. A memory misreference vulnerability exists in the PHP DateInterval unserialize function, which allows an attacker to exploit the vulnerability to obtain arbitrary memory-sensitive...

Internet Bug Bounty: Use after free vulnerability in unserialize() with DateInterval

Use After Free Vulnerability in unserialize with DateInterval Taoguang Chen - Write Date: 2015.2.28 - Release Date: 2015.3.20 A use-after-free vulnerability was discovered in unserialize with DateInterval object's wakeup magic method that can be abused for leaking arbitrary memory blocks or execu...

PHP DateTime Use-After-Free

Use After Free Vulnerability in unserialize with DateTime CVE-2015-0273 Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A use-after-free vulnerability was discovered in unserialize with DateTime/DateTimeZone/DateInterval/DatePeriod objects's wakeup magic method that can be abused...

Oracle Solaris Third-Party Patch Update : php (cve_2013_4248_input_validation)

The remote Solaris system is missing necessary patches to address security updates : - The opensslx509parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of a...

php: heap-based buffer over-read in DateInterval

A buffer over-read flaw was found in the way the DateInterval class parsed interval specifications. An attacker able to make a PHP application parse a specially crafted specification using DateInterval could possibly cause the PHP interpreter to crash...