Lucene search

270 matches found

Cvelist
added 2007/09/14 12:0 a.m. | 18 views

CVE-2007-4888

The "You are not allowed..." error handler in XWiki 1.0 B1 and 1.0 B2 associates the doc variable with the entire document content and metadata regardless of a user's view rights, which allows remote authenticated users to read arbitrary documents via a custom skin that prints the content attribu...

AI score: 6.2 | EPSS: 0.00062
Exploits: 0 | References: 2
Tenable Nessus
added 2007/04/19 12:0 a.m. | 31 views

Fedora Core 6 : kernel-2.6.20-1.2944.fc6 (2007-432)

Updated to upstream Linux kernel 2.6.20.6: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.5 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.6 CVE-2007-1357: The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before 2.6.21, and possibly 2.4.x, allows remote...

CVSS: 7.8 | AI score: 5.4 | EPSS: 0.09538
Exploits: 0 | References: 3
CVE
added 2007/04/06 1:0 a.m. | 79 views

CVE-2007-1883

The CVE-2007-1883 entry describes a PHP vulnerability across multiple branches (PHP 4.0.0–4.4.6 and 5.0.0–5.2.1) where an interruption triggering a userspace error handler can change a parameter to an arbitrary pointer, allowing context-dependent attackers to read arbitrary memory via the iptcemb...

CVSS: 7.8 | AI score: 7.5 | EPSS: 0.00506
Exploits: 1 | References: 5 | Affected Software: 1
securityvulns
added 2007/03/31 12:0 a.m. | 38 views

MOPB-37-2007: PHP iptcembed() Interruption Information Leak Vulnerability

Summary: Whenever functions accept references, which all do in the default configuration, it is possible for a malicious user space error handler that interrupts the function to modify the function parameters after the function has already started executing. This might for example trick the function...

AI score: 0.7
Exploits: 0
exploitpack
added 2007/03/29 12:0 a.m. | 10 views

PHP 5.2.1 - Multiple functions Reference Information Disclosures

PHP 5.2.1 - Multiple functions Reference Information Disclosures source: https://www.securityfocus.com/bid/23202/info PHP is prone to an information-disclosure vulnerability due to a design error. The vulnerability resides in various functions that accept parameters as references. Successful...

Exploits: 0
NVD
added 2007/03/21 11:19 p.m. | 16 views

CVE-2007-1582

The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD ext/gd extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify...

CVSS: 6.8 | AI score: 7.5 | EPSS: 0.0327
Exploits: 0 | References: 4
Exploit DB
added 2007/03/20 12:0 a.m. | 31 views

PHP 4.4.6/5.2.1 - ext/gd Already Freed Resources Usage

<?php // Proof of concept code from the Hardened-PHP Project // (C) Copyright 2007 Stefan...

AI score: 7.4
Exploits: 0
securityvulns
added 2007/03/17 12:0 a.m. | 67 views

MOPB-22-2007: PHP session_regenerate_id() Double Free Vulnerability

Summary: The session_regenerate_id function that is used to generate a new session identifier fails to clear an already freed pointer to the former session identifier before calling the session identifier generator. When this generator triggers an error this can result in a double free that is easil...

AI score: 0.4
Exploits: 0
NVD
added 2004/12/31 5:0 a.m. | 2 views

CVE-2004-2498

Unspecified vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to determine internal directory structures via unknown attack vectors...

CVSS: 5 | AI score: 6.6 | EPSS: 0.00463
Exploits: 0 | References: 5
securityvulns
added 2003/07/17 12:0 a.m. | 26 views

Microsoft ISA Server HTTP error handler XSS (TL#007)

Thor Larholm security advisory TL006. 16 July 2003. HTML format: http://pivx.com/larholm/adv/TL006 Topic: ISA Server HTTP error handler XSS. Discovery date: 25 June 2002. Severity: Medium. Affected applications: Any Microsoft Internet...

AI score: 6
Exploits: 0