30 matches found
CVE-2024-8932
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to the ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write...
CVE-2024-8932
CVE-2024-8932 affects PHP 8.1.x up to 8.1.31, PHP 8.2.x up to 8.2.26, and PHP 8.3.x up to 8.3.14. The issue arises from unchecked, very long inputs to ldap_escape() on 32‑bit systems, causing an integer overflow and an out‑of‑bounds write. Impact is information disclosure/DoS potential as describ...
CVE-2024-8932 OOB access in ldap_escape
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to the ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write...
CVE-2024-8932
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to the ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write...
CVE-2024-8932
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to the ldap_escape() function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write...
CVE-2020-1916
An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. This issue affects HHVM prior to 4.56.2, all versions between 4.57.0 and 4.78.0, 4.79.0, 4.80.0, 4.81.0, 4.82.0, 4.83.0...
Integer overflow
An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. This issue affects HHVM prior to 4.56.2, all versions between 4.57.0 and 4.78.0, 4.79.0, 4.80.0, 4.81.0, 4.82.0, 4.83.0...
CVE-2020-1916
An incorrect size calculation in ldap_escape may lead to an integer overflow when overly long input is passed in, resulting in an out-of-bounds write. This issue affects HHVM prior to 4.56.2, all versions between 4.57.0 and 4.78.0, 4.79.0, 4.80.0, 4.81.0, 4.82.0, 4.83.0...
CVE-2020-1916
CVE-2020-1916 involves an incorrect size calculation in ldap_escape that can cause an integer overflow and an out-of-bounds write. Affected software is HHVM versions prior to 4.56.2, and all versions between 4.57.0 and 4.83.0 (including 4.78.x, 4.79.x, 4.80.x, 4.81.x, 4.82.x, 4.83.x). The root ca...
Internet Bug Bounty: ldap_escape could produce string larger than 2Gb
https://bugs.php.net/bug.php?id=72975...