13 matches found
EUVD-2016-8254
Malware in sbrugna...
CVE-2016-7398
A type confusion vulnerability in the mergeparam function of phphttpparams.c in PHP's pecl-http extension 3.1.0beta2 PHP 7 and earlier as well as 2.6.0beta2 PHP 5 and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests...
Synology WebDAV Server Path Traversal Vulnerability
Synology WebDAV Server is an HTTP expansion service that allows users to edit and manage files stored on remote servers. A path traversal vulnerability exists in Synology WebDAV Server, which stems from an improper restriction of the pathname of a restricted directory by the webapi component, and...
Microsoft Warns of Critical Windows Zero-Day Flaws
Microsoft is warning of critical zero-day flaws in its Windows operating system that could enable remote code execution. The unpatched flaws are being exploited by attackers in “limited, targeted” attacks, the company said. According to Microsoft, two remote code execution vulnerabilities exist i...
DEBIAN-CVE-2016-7398
A type confusion vulnerability in the mergeparam function of phphttpparams.c in PHP's pecl-http extension 3.1.0beta2 PHP 7 and earlier as well as 2.6.0beta2 PHP 5 and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests...
Type confusion
A type confusion vulnerability in the mergeparam function of phphttpparams.c in PHP's pecl-http extension 3.1.0beta2 PHP 7 and earlier as well as 2.6.0beta2 PHP 5 and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests...
UBUNTU-CVE-2016-7398
A type confusion vulnerability in the mergeparam function of phphttpparams.c in PHP's pecl-http extension 3.1.0beta2 PHP 7 and earlier as well as 2.6.0beta2 PHP 5 and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests...
CVE-2016-7398
A type confusion vulnerability in the mergeparam function of phphttpparams.c in PHP's pecl-http extension 3.1.0beta2 PHP 7 and earlier as well as 2.6.0beta2 PHP 5 and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests...
CVE-2016-7398
A type confusion vulnerability in the mergeparam function of phphttpparams.c in PHP's pecl-http extension 3.1.0beta2 PHP 7 and earlier as well as 2.6.0beta2 PHP 5 and earlier allows attackers to crash PHP and possibly execute arbitrary code via crafted HTTP requests...
[SECURITY] Fedora 24 Update: php-pecl-http-2.5.6-1.fc24
The HTTP extension aims to provide a convenient and powerful set of functionality for major applications. The HTTP extension eases handling of HTTP URLs, dates, redirects, headers and messages in a HTTP context both incoming and outgoing. It also provid es means for client negotiation of preferre...
[SECURITY] Fedora 22 Update: php-pecl-http-2.5.6-1.fc22
The HTTP extension aims to provide a convenient and powerful set of functionality for major applications. The HTTP extension eases handling of HTTP URLs, dates, redirects, headers and messages in a HTTP context both incoming and outgoing. It also provid es means for client negotiation of preferre...
Microsoft Considering Public-Key Pinning for Internet Explorer
Microsoft is considering adding public-key pinning–an important defense against man-in-the-middle attacks–to Internet Explorer. The feature is designed to help protect users against the types of MITM attacks that rely on forged certificates, which comprise a large portion of those attacks...
Mozilla to Support Key Pinning in Firefox 32
Mozilla is planning to add support for public-key pinning in its Firefox browser in an upcoming version. In version 32, which would be the next stable version of the browser, Firefox will have key pins for a long list of sites, including many of Mozilla’s own sites, all of the sites pinned in...