9 matches found
SuSE9 Security Update : PHP4 (YOU Patch Number 12049)
This update fixes multiple bugs in PHP:
- several problems in pcre: CVE-2007-1660, CVE-2006-7225, CVE-2006-7224, CVE-2006-7226, CVE-2007-1659, CVE-2006-7230
- Flaws in processing multibyte sequences in htmlentities/htmlspecialchars: CVE-2007-5898
- overly long arguments to the dl function could...
openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-4810)
This update fixes multiple bugs in PHP:
- use system pcre library to fix several pcre vulnerabilities: CVE-2007-1659, CVE-2006-7230, CVE-2007-1660, CVE-2006-7227, CVE-2005-4872, CVE-2006-7228
- Flaws in processing multibyte sequences in htmlentities/htmlspecialchars: CVE-2007-5898
- overly long...
FreeBSD : php -- multiple security vulnerabilities (392b5b1d-9471-11dc-9db7-001c2514716c)
PHP project reports: Security Enhancements and Fixes in PHP 5.2.5:
- Fixed dl to only accept filenames. Reported by Laurent Gaffie.
- Fixed dl to limit argument size to MAXPATHLEN (CVE-2007-4887). Reported by Laurent Gaffie.
- Fixed htmlentities/htmlspecialchars not to accept partial multibyte...
php -- multiple security vulnerabilities
PHP project reports: Security Enhancements and Fixes in PHP 5.2.5: Fixed dl to only accept filenames. Reported by Laurent Gaffie. Fixed dl to limit argument size to MAXPATHLEN CVE-2007-4887. Reported by Laurent Gaffie. Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences...
CVE-2007-4887
The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerability...
CVE-2007-4887
Technical details for CVE-2007-4887 are not publicly available in the provided documents. Monitor for updates.
CVE-2007-4825
Directory traversal vulnerability in PHP 5.2.4 and earlier allows attackers to bypass open_basedir restrictions and possibly execute arbitrary code via a .. (dot dot) in the dl function...
php524-basedir.txt
Application: PHP dll . / Bug: open_basedir bypass & code exec & denial of service / some people call this a buffer overflow, but it's a denial of service. / Special condition: default php-memory-limit. Contents: 1 Introduction 2 Bug 3 Proof of concept ...
Using the dl function to bypass disable_functions and execute commands - vulnerability warning - the black bar safety net
Go: http://www.tantao.cn:8080/?action=show&id=275 Article submission: TTorchidy jnchahaat163.com PHP is a powerful and widely used scripting language, and a large share of sites are built on PHP. Because it provides powerful file operation functions and interacts with the system...