3 matches found
PHP <= 5.2.3 EXT/Session HTTP Response Header Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24268/info PHP is prone to an HTTP-response-header-injection vulnerability because it fails to sanitize user-supplied input. An attacker can exploit this issue to inject additional cookie attributes into session cookies...
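Multiple vulnerabilities in PHP 5.2.4 and earlier
PHP is a popular web programming language. PHP has multiple security issues that remote attackers can exploit to carry out buffer overflow, denial-of-service, and security bypass attacks. - dl has a problem handling file names, which can lead to cross-site scripting attacks. - dl has a problem handling the size of the MAXPATHLEN parameter, which can lead to denial-of-service attacks. - htmlentities/htmlspecialchars have a problem handling some multibyte sequences. - The glibc implementations of the fnmatch, setlocale and glob functions contain buffer overflows. Slackware Linux 10.2 Slackware Linux 10.1 Slackware Linux 12.0 Slackware Linux 11.0...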
PHP 5.2.3 - EXT/Session HTTP Response Header Injection
source: https://www.securityfocus.com/bid/24268/info PHP is prone to an HTTP-response-header-injection vulnerability because it fails to sanitize user-supplied input. An attacker can exploit this issue to inject additional cookie attributes into session cookies. This may lead to other attacks. Th...