40 matches found
Debian: Security Advisory (DSA-2427-1)
The remote host is missing an update for the Debian...
Debian Security Advisory DSA 2427-1 (imagemagick - several vulnerabilities)
Two security vulnerabilities related to EXIF processing were discovered in ImageMagick, a suite of programs to manipulate images. CVE-2012-0247: When parsing a maliciously crafted image with incorrect offset and count in the ResolutionUnit tag in EXIF IFD0, ImageMagick writes two bytes to an invali...
DSA-2427-1 imagemagick - several
Bulletin has no description...
php: integer overflow in exif_process_IFD_TAG() may lead to DoS or arbitrary memory disclosure
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a...
Mandriva Linux Security Advisory : php (MDVSA-2009:302)
Some vulnerabilities were discovered and corrected in php-5.3.1: - Added max_file_uploads INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion. (Ilia) - Added missing sanity checks around exif...
Mandriva Linux Security Advisory : php (MDVSA-2009:248)
Multiple vulnerabilities were discovered and corrected in php: The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates (CVE-2009-3291)...
php: exif extension: Multiple missing sanity checks in EXIF file processing
Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."...
PHP 5.3.x < 5.3.1 Multiple Vulnerabilities
Binary data 801090.prm...
PHP 5.3.x < 5.3.1 Multiple Vulnerabilities
Binary data 5242.prm...
New PHP Release Limits File Uploads
The latest release, PHP 5.3.1, features the addition of the “max_file_uploads” INI directive, which can be used to limit the number of file uploads for each request to 20 by default. By limiting the number of uploads per-request, users can prevent possible denial of service (DoS) attacks. Missing sanit...
FreeBSD Ports: php5
The remote host is missing an update to the system as announced in the referenced advisory. VID 437a68cf-b752-11de-b6eb-00e0815b8da8...
FreeBSD : php5 -- Multiple security issues (437a68cf-b752-11de-b6eb-00e0815b8da8)
Vendor reports Security Enhancements and Fixes in PHP 5.2.11: Fixed certificate validation inside php_openssl_apply_verification_policy. Fixed sanity check for the color index in imagecolortransparent. Added missing sanity checks around exif processing. Fixed bug 44683 popen crashes when an invalid...
Mandrake Security Advisory MDVSA-2009:248 (php)
The remote host is missing an update to php announced via advisory MDVSA-2009:248...
Mandrake Security Advisory MDVSA-2009:248 (php)
The remote host is missing an update to php announced via advisory MDVSA-2009:248...
Mandriva Linux Security Advisory : php (MDVSA-2009:247)
Multiple vulnerabilities were discovered and corrected in php: The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the...
CVE-2009-3292
Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."...
Design/Logic Flaw
Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."...
CVE-2009-3292
CVE-2009-3292 is an input-sanitization vulnerability in PHP’s Exif processing. The issue is described as an unspecified vulnerability with unknown impact/attack vectors related to missing sanity checks around exif processing. Affected products/versions cited in connected docs include PHP prior to...
php5 -- Multiple security issues
Vendor reports Security Enhancements and Fixes in PHP 5.2.11: Fixed certificate validation inside php_openssl_apply_verification_policy. Fixed sanity check for the color index in imagecolortransparent. Added missing sanity checks around exif processing. Fixed bug 44683 popen crashes when an invalid...
security flaw
Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remote attackers to execute arbitrary code via an IFD tag that leads to a negative byte count...