68 matches found
PHP buffer overflow
Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the 1 htmlentities or 2 htmlspecialchars functions...
php security update
CentOS Errata and Security Advisory CESA-2006:0730-01 Updated PHP packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HT...
PHP buffer overflow
Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the 1 htmlentities or 2 htmlspecialchars functions...
CVE-2006-5465
Buffer overflow in PHP before 5.2.0 allows remote attackers to execute arbitrary code via crafted UTF-8 inputs to the 1 htmlentities or 2 htmlspecialchars functions...
PHP HTMLEntities和HTMLSpecialChars函数缓冲区溢出漏洞
PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP在处理HTML实体时存在漏洞,远程攻击者可能利用此漏洞在PHP服务器上执行任意指令。 PHP的HTML实体编码器在每次到达当前缓冲区末尾的时候都会增加其输出缓冲区的大小,但这种检查假设HTML实体的最大长度为8个字符。尽管这种假设在大多数情况下都是正确的,但希腊字符集就可能包含有大于8个字符的实体,因此攻击者就可以通过在输入字符串中包含希腊theta UTF-8字符来触发缓冲区溢出。...
PHP functions buffer overflow
Buffer overflow in htmlentities and htmlspecialchars on UTF-8 encoding...
[Full-disclosure] TP-Book <= 1.00 Cross Site Scripting Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: TP-Book = 1.00 Cross Site Scripting Vulnerabilities Release Date: 2006/07/25 Last Modified: 2006/07/25 Author: Tamriel tamriel at gmx dot net Application: TP-Book = 1.00 Risk: Low Vendor Status: not contacted Vendor Site:...
hdweGUEST <= 2.1.1 Cross Site Scripting Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: hdweGUEST = 2.1.1 Cross Site Scripting Vulnerabilities Release Date: 2006/07/18 Last Modified: 2006/07/18 Author: Tamriel tamriel at gmx dot net Application: hdweGUEST 2.1.1 Risk: Low Vendor Status: contacted | no reply | no patch available...