380 matches found
Critical: php
Issue Overview: The asn1timetotimet function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse 1 notBefore and 2 notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of...
Fedora 17 : php-5.4.17-2.fc17 (2013-12354)
04 Jul 2013, PHP 5.4.17 Core : - Fixed bug 64988 Class loading order affects ESTRICT warning. Laruence - Fixed bug 64966 segfault in zenddofcallcommonhelperSPEC. Laruence - Fixed bug 64960 Segfault in gczvalpossibleroot. Laruence - Fixed bug 64936 doc comments picked up from previous scanner run...
Fedora 18 : php-5.4.17-2.fc18 (2013-12315)
04 Jul 2013, PHP 5.4.17 Core : - Fixed bug 64988 Class loading order affects ESTRICT warning. Laruence - Fixed bug 64966 segfault in zenddofcallcommonhelperSPEC. Laruence - Fixed bug 64960 Segfault in gczvalpossibleroot. Laruence - Fixed bug 64936 doc comments picked up from previous scanner run...
php security, bug fix and enhancement update
5.3.3-22 - php-xml provides php-xmlreader and php-xmlwriter 874987 - fix possible NULL derefence and buffer overflow 879179 - fix zend garbage collector 848186, 868375 5.3.3-21 - fix CVE reference in previous changelog entry 5.3.3-20 - remove reproducer from security fix for CVE-2012-0781 5.3.3-1...
CVE-2012-3818
The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...
CVE-2012-3818
The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...
DEBIAN-CVE-2012-3818
The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...
UBUNTU-CVE-2012-3818
The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...
Information disclosure
The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...
CVE-2012-3818
The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...
CVE-2012-3818
The CVE-2012-3818 issue affects the fpm exporter in Revelation (versions up to and including 0.4.13-2). The root cause is that the exporter encrypts the version number but leaves the password unencrypted when exporting a file, which could allow local users to obtain sensitive information. The con...
CVE-2012-3818
The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...
CVE-2012-3818
The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...
Fedora 16 : maniadrive-1.2-32.fc16.3 / php-5.3.11-1.fc16 / php-eaccelerator-0.9.6.1-9.fc16.3 (2012-6907)
Upstream Security Enhancements : - Fixed bug 54374 Insufficient validating of upload name leading to corrupted $FILES indices. CVE-2012-1172. - Add openbasedir checks to readlinewritehistory and readlinereadhistory. - Fixed bug 61043 Regression in magicquotesgpc fix for CVE-2012-0831. Upstream...
PHP Group Releases New Versions, But Patch Doesn't Fix CVE-2012-1823 Bug
UPDATE–The developers of PHP have released new versions of the scripting language to fix a remotely exploitable vulnerability announced earlier this week that enables an attacker to pass command-line arguments to the PHP binary. The flaw has been in the code for more than eight years and The PHP...
PHP 5.3 < 5.3.6 String To Double Conversion DoS
Binary data 801082.prm...
Mandriva Linux Security Advisory : php (MDVSA-2010:254)
This is a maintenance and security update that upgrades php to 5.3.4 for 2010.0/2010.1. Security Enhancements and Fixes in PHP 5.3.4 : - Paths with NULL in them foo\0bar.txt are now considered as invalid CVE-2006-7243. - Fixed bug 53512 NumberFormatter::setSymbol crash on bogus values CVE-2010-44...
Mandriva Update for php MDVA-2010:163 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVA-2010:163 php Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Mandriva Update for php MDVA-2010:163 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVA-2010:163 php Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
MDVA-2010:163 : php
This is a maintenance update that upgrades php to the latest upstream versions for CS4/MES5/2008.0/2009.0/2009.1/2010.0. Additionally some of the third party extensions and required dependencies has been upgraded. Corporate Server 4.0 with php-5.1.6 had the old Hardening-Patch 0.4.14 applied...