Scientific Linux Security Update : php on SL5.x i386/x86_64

It was discovered that the PHP escapeshellcmd function did not properly escape multi-byte characters which are not valid in the locale used by the script. This could allow an attacker to bypass quoting restrictions imposed by escapeshellcmd and execute arbitrary commands if the PHP script was usi...

Scientific Linux Security Update : php on SL3.x, SL4.x, SL5.x i386/x86_64

CVE-2009-2687 php: exifreaddata crash on corrupted JPEG files CVE-2009-3292 php: exif extension: Multiple missing sanity checks in EXIF file processing CVE-2009-3291 php: openssl extension: Incorrect verification of SSL certificate with NUL in name CVE-2009-3546 gd: insufficient input validation ...

codeigniter -- SQL injection vulnerability

The CodeIgniter changelog reports: An improvement was made to the MySQL and MySQLi drivers to prevent exposing a potential vector for SQL injection on sites using multi-byte character sets in the database client connection. An incompatibility in PHP versions 5.0.7 with mysqlsetcharset creates a...

videoDB 3.1.0 SQL Injection

DORK:allinurl:borrow.php?diskid= DORK:allintitle:videodb Vendor: http://www.videodb.net/blog/ $ ----------- | S3C0VERUN | & ------------@ along with this i was able in some sites to determine that you can overwrite the databse contents and also if you look in the source you se there password the...

RHEL 4 : bash (RHSA-2011:0261)

Updated bash packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

Debian DSA-2001-1 : php5 - multiple vulnerabilities

Several remote vulnerabilities have been discovered in PHP 5, an hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-4142 The htmlspecialchars function does not properly handle invalid multi-byte sequences. - CVE-2009-4143 Memory...

USN-870-1: PyGreSQL vulnerability

Steffen Joeris discovered that PyGreSQL 3.8 did not use PostgreSQL's safe string and bytea functions in its own escaping functions. As a result, applications written to use PyGreSQL's escaping functions are vulnerable to SQL injections when processing certain multi-byte character sequences. Becau...

Moderate: Red Hat Security Advisory: php security and bug fix update

Updated php packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

RHEL 3 / 5 : php (RHSA-2008:0544)

Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...

CVE-2007-3527

Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service CPU consumption via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop o...

CVE-2007-3527

Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service CPU consumption via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop o...

Integer overflow

Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service CPU consumption via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop o...

CVE-2007-3527

CVE-2007-3527 : Firebird 2.0.0 contains an integer overflow that can be triggered by certain multi-byte character set operations, allowing remote authenticated users to cause a denial of service via CPU consumption due to an infinite loop when a 16-bit integer is set to 65536. The vulnerability a...

CVE-2007-3527

Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service CPU consumption via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop o...

Buffer overflow

Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte Unicode characters...

CVE-2007-2152

Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte Unicode characters...

[Full-disclosure] iDefense Security Advisory 04.17.07: McAfee VirusScan On-Access Scanner Long Unicode File Name Buffer Overflow

McAfee VirusScan On-Access Scanner Long Unicode File Name Buffer Overflow iDefense Security Advisory 04.17.07 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 17, 2007 I. BACKGROUND McAfee VirusScan is an AntiVirus application that offers protection against the latest computer virus...

GLSA-200606-13 : MySQL: SQL Injection

The remote host is affected by the vulnerability described in GLSA-200606-13 MySQL: SQL Injection MySQL is vulnerable to an injection flaw in mysqlrealescape when used with multi-byte characters. Impact : Due to a flaw in the multi-byte character process, an attacker is still able to inject...

MySQL: SQL Injection

Background MySQL is a popular multi-threaded, multi-user SQL server. Description MySQL is vulnerable to an injection flaw in mysqlrealescape when used with multi-byte characters. Impact Due to a flaw in the multi-byte character process, an attacker is still able to inject arbitary SQL statements...

CVE-2006-2753

SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysqlrealescape function is...