EUVD-2017-6132
Malware in sbrugna...
K17313: PHP vulnerability CVE-2014-4721
Security Advisory Description: The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain...
SUSE CVE-2018-7409
In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy function in DriverManager/info.c...
PT-2022-11634 · Halibut +2
Name of the Vulnerable Software and Affected Versions: Halibut version 1.2. Description: A use after free in info_width_internal in bk_info.c allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document. Recommendations: For Halibut version...
Remote Code Execution
libvorbis is vulnerable to remote code execution. The vulnerability exists when freeing uninitialized memory in the function vorbis_analysis_headerout in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184...
Information Disclosure
PHP is vulnerable to information disclosure. The vulnerability exists as the phpinfo implementation in ext/standard/info.c does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF...
Heap overflow
print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file...
CVE-2017-14632
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184...
Remote code execution
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing uninitialized memory in the function vorbis_analysis_headerout in info.c when vi->channels<=0, a similar issue to Mozilla bug 550184...
CVE-2017-14632
Xiph.Org libvorbis 1.3.5 is vulnerable to CVE-2017-14632: remote code execution via freeing uninitialized memory in vorbis_analysis_headerout() when vi->channels
Type confusion
The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process...
Stack overflow
Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image that...
Heap overflow
lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid (1) blocksize0 and (2) blocksize1 values, which trigger a "heap overwrite" in the _01inverse function in res0.c. NOTE...
CVE-2007-3106
lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid (1) blocksize0 and (2) blocksize1 values, which trigger a "heap overwrite" in the _01inverse function in res0.c. NOTE...
Security flaw
Cross-site scripting (XSS) vulnerability in phpinfo (info.c) in PHP 5.1.2 and 4.4.2 allows remote attackers to inject arbitrary web script or HTML via long array variables, including (1) a large number of dimensions or (2) long values, which prevents HTML tags from being removed...