203 matches found
Design/Logic Flaw
The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, whic...
CVE-2011-3414
CVE-2011-3414 concerns a denial-of-service in the Microsoft .NET Framework ASP.NET HashTable mapping. The vulnerability arises from the CaseInsensitiveHashProvider.getHashCode function used by the HashTable implementation across .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, which can ...
CVE-2011-3414
The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, whic...
CVE-2008-7274
IBM WebSphere Application Server WAS 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by 1 not providing a password or 2 providing an empty password...
Default credentials
IBM WebSphere Application Server WAS 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by 1 not providing a password or 2 providing an empty password...
CVE-2008-7274
IBM WebSphere Application Server WAS 6.1.0.9, when the JAAS Login functionality is enabled, allows attackers to perform an internal application hashtable login by 1 not providing a password or 2 providing an empty password...
MOPS-2010-006: PHP addcslashes() Interruption Information Leak Vulnerability
MOPS-2010-006: PHP addcslashes Interruption Information Leak Vulnerability May 3rd, 2010 PHP’s addcslashes function can be abused for information leak attacks, because of the call time pass by reference feature. Affected versions Affected is PHP 5.2 = 5.2.13 Affected is PHP 5.3 = 5.3.2 Credits Th...
MOPS-2010-008: PHP chunk_split() Interruption Information Leak Vulnerability
MOPS-2010-008: PHP chunksplit Interruption Information Leak Vulnerability May 4th, 2010 PHP’s chunksplit function can be abused for information leak attacks, because of the call time pass by reference feature. Affected versions Affected is PHP 5.2 = 5.2.13 Affected is PHP 5.3 = 5.3.2 Credits The...
CVE-2010-0733
Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service daemon crash via a SELECT statement with many LEFT JOIN clauses, related to certain hashtable size calculations...
PHP 4 unserialize() ZVAL Reference Counter Overflow (Cookie)
This module exploits an integer overflow vulnerability in the unserialize function of the PHP web server extension. This vulnerability was patched by Stefan in version 4.5.0 and applies all previous versions supporting this function. This particular module targets numerous web applications and is...
CVE-2007-1700
The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the...
MOPB-30-2007:PHP _SESSION unset() Vulnerability
Summary The session extension does not set the correct reference count value for the session variables, because it does not include the internal pointer from within the session globals. Due to this unsetting SESSION and HTTPSESSIONVARS will destroy the Hashtable containing the session data althou...
PHP < 4.4.5 / 5.2.1 _SESSION Deserialization Overwrite Exploit
No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...
PHP < 4.4.5/5.2.1 - '_SESSION unset()' Local Overflow
?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan...
MOPB-extfilter.txt
?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan...
PHP 5.2.0/5.2.1 Rejected Session ID Double Free Exploit
Exploit for linux platform in category local exploits ======================================================= PHP 5.2.0/5.2.1 Rejected Session ID Double Free Exploit ======================================================= ?php //////////////////////////////////////////////////////////////////////...
PHP 5.2.0/5.2.1 Rejected Session ID Double Free Exploit
No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...
PHP 4.4.4 - Unserialize() ZVAL Reference Counter Overflow (PoC)
PHP 4.4.4 - Unserialize ZVAL Reference Counter Overflow PoC ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code...
PHP 4 Userland ZVAL Reference Counter Overflow Exploit PoC
No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || // // | |/ || '|/ |/ -| ' / -/ |||| /| || / //...
PHP 4 - Userland ZVAL Reference Counter Overflow (PoC)
PHP 4 - Userland ZVAL Reference Counter Overflow PoC Refcount drops down to 0...