43 matches found
EUVD-2007-1516
Malware in sbrugna...
EUVD-2007-1703
Malware in sbrugna...
CVE-2007-1824
Buffer overflow in the phpstreamfiltercreate function in PHP 5 before 5.2.1 allows remote attackers to cause a denial of service application crash via a php://filter/ URL that has a name ending in the '.' character...
CVE-2007-0911
Off-by-one error in the strireplace function in PHP 5.2.1 might allow context-dependent attackers to cause a denial of service crash...
PHP <= 5.2.1 hash_update_file() Freed Resource Usage Exploit
No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...
PHP 4.x < 4.4.5, 5.x < 5.2.1 Multiple Integer Overflow Vulnerabilities
PHP is prone to multiple integer overflow vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescriptio...
php 5.2.1 msg-receive 整数溢出漏洞
No description provided by source...
Mandriva Linux Security Advisory : php (MDVSA-2008:126)
A number of vulnerabilities have been found and corrected in PHP : PHP 5.2.1 would allow context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with 'S:', which did not properly track the number of input bytes being...
Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit
Exploit for unknown platform in category web applications ============================================================== Wordpress 2.6.1 SQL Column Truncation Admin Takeover Exploit ============================================================== !/usr/bin/php =5.2.1 you'll need to be as well, in...
CVE-2007-2748
The substrcount function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain sensitive information via unspecified vectors, a different affected function than CVE-2007-1375...
Crlf injection
CRLF injection vulnerability in the FILTERVALIDATEEMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression to ignore the subsequent part of the address...
CVE-2007-1900
CVE-2007-1900 describes a CRLF injection vulnerability in the PHP 5.2.0–5.2.1 FILTER_VALIDATE_EMAIL filter, enabling context-dependent attackers to inject arbitrary email headers by including a newline in the address. The cited advisories indicate this affects PHP up to 5.2.1; a PHP 5.2.3 release...
Integer overflow
Integer overflow in the strreplace function in PHP 4.4.5 and PHP 5.2.1 allows context-dependent attackers to have an unknown impact via a single character search string in conjunction with a single character replacement string, which causes an "off by one overflow."...
Buffer overflow
Buffer overflow in the sqlitedecodebinary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqliteudfdecodebinary function with a...
PHPDoc Confirm_Phpdoc_Compiled本地缓冲区溢出漏洞
phpDOC是一款用于建立PEAR文档的应用程序。 phpDOC存在缓冲区溢出问题,本地攻击者可以利用漏洞以应用程序进程权限执行任意指令。 由于对参数缺少正确的边界检查,提交超长字符串作为confirmphpdoccompiled参数可触发溢出,并以应用程序进程权限执行任意指令。 phpDocumentor phpDocumentor 1.3.1 phpDocumentor phpDocumentor 1.3 RC4 phpDocumentor phpDocumentor 1.3 RC3 phpDocumentor phpDocumentor 1.2.3 phpDocumentor...
readfile() Safe Mode Bypass PHP 5.2.1/ 5.1.6 / 4.4.4
SecurityRisk : DEN Remote Exploit : No Local Exploit : Yes Exploit Given : Yes Credit : The-WolF-kSA Date : 24.3.2007 Affected Software : PHP 5.2.1/ 5.1.6 / 4.4.4 readfile Safe Mode Bypass PHP 5.2.1/ 5.1.6 / 4.4.4 Author: ThE-WoLf-KsA Date: - -Written: 24.3.2007 - --- 0.Description --- - --- 1...
PHP 5.2.1 - Multiple functions 'Reference' Information Disclosures
source: https://www.securityfocus.com/bid/23202/info PHP is prone to an information-disclosure vulnerability due to a design error. The vulnerability resides in various functions that accept parameters as references. Successful exploits will allow attackers to obtain sensitive information...
Buffer overflow
Buffer overflow in the confirmphpdoccompiled function in the phpDOC extension PECL phpDOC in PHP 5.2.1 allows context-dependent attackers to execute arbitrary code via a long argument string...
CVE-2007-1709
CVE-2007-1709 describes a buffer overflow in the confirm_phpdoc_compiled function of the phpDOC PECL extension for PHP 5.2.1. The vulnerability allows a context-dependent, local attacker to execute arbitrary code via a long argument string. The affected component is the phpDOC extension in PHP 5....
CVE-2007-1709
Buffer overflow in the confirmphpdoccompiled function in the phpDOC extension PECL phpDOC in PHP 5.2.1 allows context-dependent attackers to execute arbitrary code via a long argument string...