Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion

...

USN-8414-2 openssl, openssl1.0 vulnerabilities

USN-8414-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Frank Buss discovered that OpenSSL had a heap buffer over-read in ASN.1 content parsing. An...

CVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

CVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

UBUNTU-CVE-2026-7383

Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1mbstringncopy can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In...

PT-2026-40293

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mb convert encoding or related mbstring functions, the code incorrectly assumes that when strncasecmp returns 0 it means the strings have the same length. This can lead to...

BIT-LIBPHP-2020-7060 global buffer-overflow in mbfl_filt_conv_big5_wchar

When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbflfiltconvbig5wchar to read past the allocated buffer. This may lead to information disclosur...

Zendframework potential Cross-site Scripting vector in `Zend_Service_ReCaptcha_MailHide`

ZendServiceReCaptchaMailHide had a potential XSS vulnerability. Due to the fact that the email address was never validated, and because its use of htmlentities did not include the encoding argument, it was potentially possible for a malicious user aware of the issue to inject a specially crafted...

GHSA-4V57-PWVF-X35J Zendframework potential Cross-site Scripting vector in `Zend_Service_ReCaptcha_MailHide`

ZendServiceReCaptchaMailHide had a potential XSS vulnerability. Due to the fact that the email address was never validated, and because its use of htmlentities did not include the encoding argument, it was potentially possible for a malicious user aware of the issue to inject a specially crafted...

PT-2023-6693 · Bitrix +1 · Bitrix24 +1

Name of the Vulnerable Software and Affected Versions: Bitrix24 version 22.0.300 Description: A logic error in the mb strpos function allows attackers to bypass XSS sanitization by placing HTML tags at the beginning of the payload, potentially leading to a cross-site scripting XSS attack. This...

SUSE CVE-2019-9023

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in...

SUSE CVE-2019-9025

An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mbsplit function in ext/mbstring/phpmbregex.c can cause PHP to execute memcpy with a negative argument, which could read and write past buffers allocated for the data...

The vulnerability of the mbstring() function in the PHP programming language allows attackers to access confidential data and also trigger a denial-of-service attack.

The vulnerability of the mbstring function in the PHP programming language is related to reading buffers beyond the memory boundaries. Exploiting this vulnerability can allow an attacker to gain access to confidential data, as well as cause service interruptions...

CVE-2019-9025

An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mbsplit function in ext/mbstring/phpmbregex.c can cause PHP to execute memcpy with a negative argument, which could read and write past buffers allocated for the data...

PHP 7.3.0 Memory Corruption Vulnerability - Linux

An invalid multibyte string supplied as an argument to the mbsplit function in ext/mbstring/phpmbregex.c can cause PHP to execute memcpy with a negative argument, which could read and write past buffers allocated for the data. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might...

PHP 7.3.0 Memory Corruption Vulnerability - Windows

An invalid multibyte string supplied as an argument to the mbsplit function in ext/mbstring/phpmbregex.c can cause PHP to execute memcpy with a negative argument, which could read and write past buffers allocated for the data. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might...

CVE-2019-9025

Removed by vendor...

php: Heap-based buffer overflow in the mbstring extension via crafted string containing a HTML entity (arb code execution)

Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilterhtmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion,...

Directory traversal

Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing...

CVE-2008-0923

Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing...