313 matches found
PHP 5.4.x < 5.4.41 / 5.5.x < 5.5.25 Multiple Vulnerabilities
Libmimedir Special File Arbitrary Code Execution Vulnerability
libmimedir is a library of graphical objects based on an implementation of RFC 2425 and RFC 2426. A security vulnerability exists in libmimedir. A remote attacker can construct a specially crafted VCF file with two null bytes added to the end of the file and trick the user into parsing it, which can...
CVE-2015-3205
libmimedir allows remote attackers to execute arbitrary code via a VCF file with two NULL bytes at the end of the file, related to "free" function calls in the "lexer's memory clean-up procedure."...
CVE-2015-3205
Libmimedir’s VCF parser is vulnerable to memory corruption when parsing a VCF file with two trailing NULL bytes, triggering risky free() calls during lexer memory cleanup. A PoC/exploit code demonstrates potential arbitrary code execution via crafted VCF inputs; exploitation status in the wild is...
[SECURITY] [DSA 3280-1] php5 security update
Debian Security Advisory DSA-3280-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 07, 2015 http://www.debian.org/security/faq -...
PHP 5.4.x < 5.4.41 Multiple Vulnerabilities
According to its banner, the version of PHP 5.4.x running on the remote web server is prior to 5.4.41. It is, therefore, affected by multiple vulnerabilities: - Multiple unspecified flaws in pcrelib (CVE-2015-2325, CVE-2015-2326). - A flaw in the phar_parse_tarfile function in ext/phar/tar.c could...
Google Android Operating System < 4.4.0 Multiple Vulnerabilities
USN-2391-1: php5 vulnerabilities
Symeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime function. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. CVE-2014-3668 Symeon Paraschoudis discovered that PHP incorrectly handled unserializing objects. A remote...
USN-2391-1 php5 vulnerabilities
Symeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime function. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. CVE-2014-3668 Symeon Paraschoudis discovered that PHP incorrectly handled unserializing objects. A remote...
CVE-2014-8756
The NcrCtl4.NcrNet.1 control in Panasonic Network Camera Recorder before 4.04R03 allows remote attackers to execute arbitrary code via a crafted GetVOLHeader method call, which writes null bytes to an arbitrary address...
CVE-2014-8756
Panasonic Network Camera Recorder vulnerability CVE-2014-8756 affects the NcrCtl4.NcrNet.1 GetVOLHeader call, enabling remote code execution via an arbitrary write of null bytes to an attacker-controlled address. This is a browser/remote execution issue that requires user interaction (e.g., visit...
Panasonic Network Camera Recorder NcrCtl4.NcrNet.1 GetVOLHeader Arbitrary Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Panasonic Network Camera Recorder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
PHP 5.4.x < 5.4.32, 5.5.x < 5.5.15 Multiple Vulnerabilities (Aug 2014)
PHP is prone to multiple vulnerabilities.
USN-2315-1 serf vulnerability
Ben Reser discovered that serf did not correctly handle SSL certificates with NUL bytes in the CommonName or SubjectAltNames fields. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...
Apache Tomcat 3.x Null Byte Directory/File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6721/info Apache Tomcat is prone to a directory/file disclosure vulnerability when used with JDK 1.3.1 or earlier. It has been reported that remote attackers may view directory contents even when an 'index.html' or other...
Zen Cart 1.3.9f (typefilter) - Local File Inclusion Vulnerability
No description provided by source. Zen Cart v1.3.9f (typefilter) Local File Inclusion Vulnerability Vendor: Zen Ventures, LLC Product web page: http://www.zen-cart.com Version affected: 1.3.9f Summary: Zen Cart is an online store management system. It is PHP-based, using a MySQL database and HTML...
Cosmicperl Directory Pro 2.0 Arbitrary File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2793/info Webdirectory Pro is a web application used to create a searchable directory of links developed by Cosmicperl. Webdirectory Pro contains an input validation vulnerability which may lead to disclosure of sensitive...
MantisBT <= 1.2.3 (db_type) - Local File Inclusion Vulnerability
No description provided by source. MantisBT <= 1.2.3 (db_type) Local File Inclusion Vulnerability Vendor: MantisBT Group Product web page: http://www.mantisbt.org Version affected: 1.2.4 Summary: MantisBT is a free popular web-based bugtracking system. It is written in the PHP scripting language and...
iManager Plugin 1.2.8 (lang) - Local File Inclusion Vulnerability
No description provided by source. iManager Plugin v1.2.8 (lang) Local File Inclusion Vulnerability Vendor: net4visions.com Product web page: http://www.net4visions.com Affected version: = 1.2.8 Build 02012008 Summary: With iManager you can manage your files/images on your webserver, and it provide...
PyPAM - Python bindings for PAM - Double Free Corruption
No description provided by source. LSE Leading Security Experts - Security Advisory 2012-03-01: PyPAM -- Python bindings for PAM - Double Free Corruption. Affected Versions: PyPAM = 0.4.2 Red Hat PyPAM = 0.5.0-12...