8515 matches found

OpenVAS
added 2011/03/25 12:0 a.m. | 38 views

Mandriva Update for php MDVSA-2011:053 (php)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

AI score: 7.8
Exploits: 0 | References: 2

Tenable Nessus
added 2011/03/24 12:0 a.m. | 47 views

Mandriva Linux Security Advisory : php (MDVSA-2011:053)

Multiple vulnerabilities have been identified and fixed in php: The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (applicatio...

CVSS: 7.5 | AI score: 8.7 | EPSS: 0.18878
Exploits: 30 | References: 11

Tenable Nessus
added 2011/03/24 12:0 a.m. | 245 views

Mandriva Linux Security Advisory : php (MDVSA-2011:052)

Multiple vulnerabilities have been identified and fixed in php: The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (applicatio...

CVSS: 7.5 | AI score: 8.7 | EPSS: 0.18878
Exploits: 28 | References: 11

NVD
added 2011/03/23 2:0 a.m. | 25 views

CVE-2011-0173

Multiple format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 allow context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) display dialog or (2) display alert command in a dialog in an...

CVSS: 6.8 | AI score: 7.7 | EPSS: 0.01762
Exploits: 0 | References: 2

Prion
added 2011/03/23 2:0 a.m. | 18 views

Format string

Multiple format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 allow context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) display dialog or (2) display alert command in a dialog in an...

CVSS: 6.8 | AI score: 8.1 | EPSS: 0.01762
Exploits: 0 | References: 2 | Affected Software: 2

CVE
added 2011/03/23 1:0 a.m. | 72 views

CVE-2011-0173

CVE-2011-0173 describes multiple format-string vulnerabilities in AppleScript and AppleScript Studio dialogs (display dialog/display alert) on Mac OS X prior to 10.6.7. The issues can allow a context-dependent attacker to cause an arbitrary code execution or a denial of service (application crash...

CVSS: 6.8 | AI score: 6.8 | EPSS: 0.01762
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2011/03/23 1:0 a.m. | 31 views

CVE-2011-0173

Multiple format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 allow context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) display dialog or (2) display alert command in a dialog in an...

AI score: 6.9 | EPSS: 0.01762
Exploits: 0 | References: 2

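seebug.org
added 2011/03/18 12:0 a.m. | 17 views

PHP "phar/phar_object.c" Format String Vulnerability

BUGTRAQ ID: 46854 PHP is a widely used general-purpose scripting language that is especially suited to web development and can be embedded in HTML. The "phar/phar_object.c" function in PHP has a format string vulnerability in its implementation; remote attackers can exploit this vulnerability to bypass certain security restrictions or gain elevated privileges. The vulnerability arises because user-supplied input is not properly sanitized before it is passed as a format specifier to a formatted printing function. PHP PHP 5.3.x PHP PHP 5.2.x Vendor patch: PHP --- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: http://www.php.net...

AI score: 7
Exploits: 0
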
The Hacker News
added 2011/03/17 6:9 p.m. | 35 views

PHP 5.3.6 closes five security holes!

The PHP developers have released PHP 5.3.6, a maintenance update to the PHP interpreter. Among over 60 bug fixes are a number of fixes for security related problems. A format string vulnerability in the phar extension of PHP 5.3.5, CVE-2011-1153, may allow attackers to view memory, cause a denial...

CVSS: 7.5 | AI score: 7.8 | EPSS: 0.17881
Exploits: 5

NVD
added 2011/03/16 10:55 p.m. | 15 views

CVE-2011-1153

Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via format string specifiers...

CVSS: 7.5 | AI score: 10 | EPSS: 0.06833
Exploits: 0 | References: 23

Prion
added 2011/03/16 10:55 p.m. | 21 views

Format string

Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via format string specifiers...

CVSS: 7.5 | AI score: 8.5 | EPSS: 0.06833
Exploits: 0 | References: 23 | Affected Software: 1

Cvelist
added 2011/03/16 10:0 p.m. | 21 views

CVE-2011-1153

Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via format string specifiers...

AI score: 9.9 | EPSS: 0.06833
Exploits: 0 | References: 23

CVE
added 2011/03/16 10:0 p.m. | 138 views

CVE-2011-1153

CVE-2011-1153 involves multiple format string vulnerabilities in the php phar extension, specifically phar_object.c, affecting PHP 5.3.5 and earlier. The issue allows context-dependent attackers to obtain sensitive data from process memory, cause memory corruption (DoS), or potentially execute ar...

CVSS: 7.5 | AI score: 9.6 | EPSS: 0.06833
Exploits: 0 | References: 23 | Affected Software: 1

UbuntuCve
added 2011/03/16 12:0 a.m. | 34 views

CVE-2011-1153

Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via format string specifiers...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.06833
Exploits: 0 | References: 2

OpenVAS
added 2011/03/04 12:0 a.m. | 10 views

SolarFTP USER Command Remote DoS Vulnerability

SolarFTP Server is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 8.7 | AI score: 6.8 | EPSS: 0.00675
Exploits: 0 | References: 5

Check Point Advisories
added 2011/02/20 12:0 a.m. | 5 views

HP OpenView NNM nnmRptConfig.exe Template Format String Code Execution (CVE-2011-0270)

The Network Node Manager (NNM) is an HP OpenView product which manages networks. It determines and displays physical and logical connectivity in networks, as well as information referring to protocols running over the network. A format string vulnerability has been reported in HP OpenView Network...

CVSS: 10 | AI score: 6.9 | EPSS: 0.1631
Exploits: 0

OpenVAS
added 2011/01/24 12:0 a.m. | 33 views

FreeBSD Ports: pecl-phar

The remote host is missing an update to the system as announced in the referenced advisory. VID da3d381b-0ee6-11e0-becc-0022156e8794 OpenVAS Vulnerability Test $ Description: Auto generated from VID da3d381b-0ee6-11e0-becc-0022156e8794 Authors: Thomas Reinke Copyright: Copyright (c) 2011 E-Soft Inc...

CVSS: 6.8 | AI score: 9.4 | EPSS: 0.12652
Exploits: 1

OpenVAS
added 2011/01/24 12:0 a.m. | 67 views

FreeBSD Ports: php5

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...

CVSS: 6.8 | AI score: 8.4 | EPSS: 0.13333
Exploits: 9

Tenable Nessus
added 2011/01/21 12:0 a.m. | 19 views

SuSE 11.1 Security Update : iSCSI (SAT Patch Number 2879)

This update of iscsitarget/tgt fixes multiple overflows and a format string vulnerability: - CVE-2010-2221: CVSS v2 Base Score: 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119) - CVE-2010-0743: CVSS v2 Base Score: 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:P): Format String Vulnerability...

CVSS: 5 | AI score: 5.3 | EPSS: 0.05347
Exploits: 0 | References: 6

NVD
added 2011/01/13 7:0 p.m. | 18 views

CVE-2011-0270

Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name...

CVSS: 10 | AI score: 7.5 | EPSS: 0.1631
Exploits: 0 | References: 7