8510 matches found
PHP 5.5.x < 5.5.34 / 5.6.x < 5.6.20 / 7.0.x < 7.0.5 Multiple Vulnerabilities
Binary data 9171.prm...
PHP 5.5.x < 5.5.34 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.5.x prior to 5.5.34. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...
PHP 7.0.x < 7.0.5 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.5. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...
PHP 5.6.x < 5.6.20 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.20. It is, therefore, affected by multiple vulnerabilities : - A buffer over-write condition exists in the finfoopen function due to improper validation of magic files. An unauthenticated, remote...
PHP 5.5.33 / 7.0.4 - SNMP Format String
Exploit for multiple platform in category remote exploits // Should bypass ASLR/NX just fine // This exploit utilizes PHP's internal "%Z" zval // format specifier in order to achieve code-execution. // We fake an object-type zval in memory and then bounce // through it carefully. First though, we...
PHP 5.5.337.0.4 - SNMP Format String
PHP 5.5.337.0.4 - SNMP Format String // Should bypass ASLR/NX just fine // This exploit utilizes PHP's internal "%Z" zval // format specifier in order to achieve code-execution. // We fake an object-type zval in memory and then bounce // through it carefully. First though, we use the same // bug ...
PHP 5.5.33/7.0.4 - SNMP Format String
// Should bypass ASLR/NX just fine // This exploit utilizes PHP's internal "%Z" zval // format specifier in order to achieve code-execution. // We fake an object-type zval in memory and then bounce // through it carefully. First though, we use the same // bug to leak a pointer to the string itsel...
Internet Bug Bounty: php_snmp_error() Format String Vulnerability
PHP snmperrstr was passed directly to zendthrowexceptionex without a "%s". This issue appears to have been present across all PHP versions. In testing, I have been able to leverage this vulnerability for full code-execution by abusing PHP's internal "%Z" zval format specifier. In the interest of...
php -- multiple vulnerabilities
The PHP Group reports: Fileinfo: Fixed bug 71527 Buffer over-write in finfoopen with malformed magic file. mbstring: Fixed bug 71906 AddressSanitizer: negative-size-param -1 in mbflstrcut. Phar: Fixed bug 71860 Invalid memory write in phar on filename with \0 in name. SNMP: Fixed bug 71704...
GLSA-201603-12 : FlightGear, SimGear: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201603-12 FlightGear, SimGear: Multiple vulnerabilities Multiple format string vulnerabilities in FlightGear and SimGear allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via...
Gentoo Security Advisory GLSA 201603-12
Gentoo Linux Local Security Checks SPDX-FileCopyrightText: 2016 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.121454";...
FlightGear, SimGear: Multiple vulnerabilities
Background FlightGear is an open-source flight simulator. It supports a variety of popular platforms Windows, Mac, Linux, etc. and is developed by skilled volunteers from around the world. Source code for the entire project is available and licensed under the GNU General Public License. SimGear i...
PT-2016-3271 · Xmlsoft +5 · Libxml2 +5
Name of the Vulnerable Software and Affected Versions: libxml2 versions prior to 2.9.4 Description: The issue is related to a format string vulnerability in the libxml2 library. This vulnerability may allow attackers to have an unspecified impact through format string specifiers in unknown vector...
OpenSSL Multiple Vulnerabilities -01 (Mar 2016) - Linux
OpenSSL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl"; ifdescription...
OpenSSL Multiple Vulnerabilities -01 (Mar 2016) - Windows
OpenSSL is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl"; ifdescription...
Advantech WebAccess webvrpcs Service BwOpcSvc.dll sprintf Uncontrolled Format String Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13881 IOCTL in the BwOpcTool subsystem. An uncontrolled...
PHP 7.0.x < 7.0.1 Multiple Vulnerabilities
Binary data 9064.prm...
The vulnerability of the PHP interpreter allows attackers to execute arbitrary code.
The vulnerability of the zendthroworerror function in the Zend/zendexecuteAPI.c module of the PHP interpreter is related to the use of an uncontrolled format string. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by using format string parameters that involv...
Internet Bug Bounty: PHP-FPM fpm_log.c memory leak and buffer overflow
The FastCGI Process Manager FPM SAPI of PHP was vulnerable to memory leak and buffer overflow in the access logging feature. PHP-FPM offers customization of the access log lines based on format string variables which can be specified with the access.format option of the FPM configuration file. Th...
CVE-2015-8617
Format string vulnerability in the zendthroworerror function in Zend/zendexecuteAPI.c in PHP 7.x before 7.0.1 allows remote attackers to execute arbitrary code via format string specifiers in a string that is misused as a class name, leading to incorrect error handling...