Mandriva Linux Security Advisory : php (MDVSA-2008:126)

A number of vulnerabilities have been found and corrected in PHP : PHP 5.2.1 would allow context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with 'S:', which did not properly track the number of input bytes being...

Mandriva Update for php MDVSA-2008:126 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:126 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Mandriva Update for php MDVSA-2008:127 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:127 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Mandriva Update for php MDVSA-2008:127 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:127 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Mandriva Update for php MDVSA-2008:126 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:126 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : php5 vulnerabilities (USN-628-1)

It was discovered that PHP did not properly check the length of the string parameter to the fnmatch function. An attacker could cause a denial of service in the PHP interpreter if a script passed untrusted input to the fnmatch function. CVE-2007-4782 Maksymilian Arciemowicz discovered a flaw in t...

USN-628-1: PHP vulnerabilities

It was discovered that PHP did not properly check the length of the string parameter to the fnmatch function. An attacker could cause a denial of service in the PHP interpreter if a script passed untrusted input to the fnmatch function. CVE-2007-4782 Maksymilian Arciemowicz discovered a flaw in t...

php session ID leakage

The outputaddrewritevar function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a loca...

Debian DSA-1444-2 : php5 - several vulnerabilities

It was discovered that the patch for CVE-2007-4659 could lead to regressions in some scenarios. The fix has been reverted for now, a revised update will be provided in a future PHP DSA. For reference the original advisory below : Several remote vulnerabilities have been discovered in PHP, a...

[SECURITY] [DSA 1444-1] New php5 packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1444-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 03, 2008 http://www.debian.org/security/faq -...

Ubuntu 7.10 : php5 regression (USN-549-2)

USN-549-1 fixed vulnerabilities in PHP. However, some upstream changes were incomplete, which caused crashes in certain situations with Ubuntu 7.10. This update fixes the problem. We apologize for the inconvenience. It was discovered that the wordwrap function did not correctly check lengths...