EUVD-2007-1819

Malware in sbrugna...

Arbitrary Code Execution

php is vulnerable to arbitrary code execution. A number of buffer overflow flaws were found in the PHP session extension; the strreplace function; and the imapmailcompose function. If very long strings were passed to the strreplace function, an integer overflow could occur in memory allocation. I...

PHP <= 5.1.6 Imap_Mail_Compose() Function Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23234/info PHP is prone to a buffer-overflow vulnerability because the application fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers. An attacker can exploit this...

PHP 4.x < 4.4.5, 5.x < 5.2.1 Buffer Overflow Vulnerability

PHP is prone to a buffer overflow vulnerability because the application fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

PHP Imap_Mail_Compose 函数存在缓冲区溢出漏洞

No description provided by source...

Mandriva Update for php MDKSA-2007:048 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDKSA-2007:048 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

MOPB-40-2007:PHP imap_mail_compose&#40;&#41; Boundary Stack Buffer Overflow Vulnerability

Summary The imapmailcompose function of PHP that can be used to construct multipart emails will overflow a stack buffer when it is passed an overlong boundary string. This can lead to arbitrary code execution. Affected versions Affected are PHP 4 4.4.5 and PHP 5 5.2.1 Detailed information The...

PHP Imap_Mail_Compose()函数缓冲区溢出漏洞

BUGTRAQ ID: 23234 PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 PHP的imapmailcompose函数实现上存在缓冲区溢出漏洞，本地攻击者可能利用此漏洞提升权限。 imapmailcompose函数在名为tmp的栈缓冲区中创建固定大小的多部邮件： PHPFUNCTIONimapmailcompose ... char tmp8 MAILTMPLEN, mystring=NULL, t=NULL, tempstring=NULL;...

CVE-2007-1825

Buffer overflow in the imapmailcompose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed by CVE-2007-0906.3...

CVE-2007-1825

Buffer overflow in the imapmailcompose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed by CVE-2007-0906.3...

Buffer overflow

Buffer overflow in the imapmailcompose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue might be subsumed by CVE-2007-0906.3...

PHP 5.1.6 - &#039;Imap_Mail_Compose()&#039; Remote Buffer Overflow

source: https://www.securityfocus.com/bid/23234/info PHP is prone to a buffer-overflow vulnerability because the application fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers. An attacker can exploit this issue to execute arbitrary machine...

Important: Red Hat Security Advisory: php security update

Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A...

php security update

CentOS Errata and Security Advisory CESA-2007:0081-01 Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting...

Mandrake Linux Security Advisory : php (MDKSA-2007:048)

A number of vulnerabilities were discovered in PHP language. Many buffer overflow flaws were discovered in the PHP session extension, the strreplace function, and the imapmailcompose function. An attacker able to use a PHP application using any of these functions could trigger these flaws and...

RHEL 4 : php (RHSA-2007:0076)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2007:0076 advisory. - security flaw CVE-2007-0906, CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988 - php session extension information...

CVE-2007-0906

Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the 1 session, 2 zip, 3 imap, and 4 sqlite extensions; 5 stream filters; and the 6 strreplace, 7 mail, 8 ibasedeleteuser, 9 ibaseadduser, and 1...

CVE-2007-0906

Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the 1 session, 2 zip, 3 imap, and 4 sqlite extensions; 5 stream filters; and the 6 strreplace, 7 mail, 8 ibasedeleteuser, 9 ibaseadduser, and 1...