Lucene search

13 matches found

seebug.org
added 2014/07/01 12:00 a.m., 24 views

PHP 5.2.11/5.3.0 - Multiple Vulnerabilities

No description provided by source. ?php / PHP 5.2.11/5.3.0 symlink openbasedir bypass by Maksymilian Arciemowicz http://securityreason.com/ cxib a.T securityreason d0t com CHUJWAMWMUZG / $fakedir=cx; $fakedep=16; $num=0; // offset of symlink.$num if!empty$GET'file' $file=$GET'file'; else...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:00 a.m., 12 views

PHP <= 5.2.11 'htmlspecialcharacters()' Malformed Multibyte Character Cross Site Scripting Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/37389/info PHP is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:00 a.m., 21 views

PHP "multipart/form-data" Denial of Service Exploit (Python)

No description provided by source. !/usr/bin/python -- coding: utf-8 -- Author: Eren Turkay eren .-. pardus.org.tr, 2009/11/20 http://www.pardus.org.tr/eng/ Credits: Bogdan Calin from Acunetix Description: Exploit to cause denial of service on any host that runs PHP via temporary file exhaustion...

7.1 AI score
Exploits: 0

OpenVAS
added 2009/12/10 12:00 a.m., 32 views

Mandriva Security Advisory MDVSA-2009:305 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:305. OpenVAS Vulnerability Test $Id: mdksa2009305.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:305 php Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...

5 CVSS, 0.2 AI score, 0.01918 EPSS
Exploits: 0

OpenVAS
added 2009/12/10 12:00 a.m., 26 views

Mandriva Security Advisory MDVSA-2009:305 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:305. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...

5 CVSS, 9.4 AI score, 0.01918 EPSS
Exploits: 0, References: 1

OpenVAS
added 2009/12/03 12:00 a.m., 42 views

Mandriva Security Advisory MDVSA-2009:303 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:303. OpenVAS Vulnerability Test $Id: mdksa2009303.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:303 php Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...

7.5 CVSS, 0.8 AI score, 0.22311 EPSS
Exploits: 9

Packet Storm
added 2009/11/17 12:00 a.m., 18 views

PHP 5.2.11 / 5.3.0 symlink() open_basedir Bypass

This is exploit from Security Audit Lab - SecurityReason labs. Author : Maksymilian Arciemowicz Script for legal use only. PHP 5.2.11 5.3.0 symlink openbasedir bypass More: SecurityReason '; ifempty$file exit; if!iswritable"." die"not writable directory"; $level=0; for$as=0;$as$fakedep;$as++...

7.4 AI score
Exploits: 0

securityvulns
added 2009/10/20 12:00 a.m., 110 views

[ MDVSA-2009:284 ] gd

Mandriva Linux Security Advisory MDVSA-2009:284 http://www.mandriva.com/security/ Package : gd Date : October 20, 2009 Affected: 2009.0, 2009.1, Corporate 3.0, Corporate 4.0, Enterprise Server 5.0, Multi Network Firewall 2.0 Problem Description: A...

9.3 CVSS, 6.9 AI score, 0.04663 EPSS
Exploits: 1

NVD
added 2009/10/19 8:00 p.m., 14 views

CVE-2009-3546

The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different...

9.3 CVSS, 7 AI score, 0.04663 EPSS
Exploits: 1, References: 12

Prion
added 2009/10/19 8:00 p.m., 18 views

Buffer overflow

The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different...

9.3 CVSS, 7.1 AI score, 0.04663 EPSS
Exploits: 1, References: 12, Affected Software: 2

UbuntuCve
added 2009/10/19 12:00 a.m., 22 views

CVE-2009-3546

The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different...

9.3 CVSS, 7.1 AI score, 0.04663 EPSS
Exploits: 1, References: 2

Prion
added 2009/09/22 10:30 a.m., 24 views

Cross site scripting

The popen API function in TSRM/tsrm_win32.c in PHP before 5.2.11 and 5.3.x before 5.3.1, when running on certain Windows operating systems, allows context-dependent attackers to cause a denial of service (crash) via a crafted (1) "e" or (2) "er" string in the second argument (aka mode), possibly related t...

5 CVSS, 7 AI score, 0.01892 EPSS
Exploits: 2, References: 11, Affected Software: 1

FreeBSD
added 2009/09/17 12:00 a.m., 53 views

php5 -- Multiple security issues

Vendor reports Security Enhancements and Fixes in PHP 5.2.11: Fixed certificate validation inside php_openssl_apply_verification_policy. Fixed sanity check for the color index in imagecolortransparent. Added missing sanity checks around exif processing. Fixed bug 44683 popen crashes when an invalid...

7.5 CVSS, 6.7 AI score, 0.03611 EPSS
Exploits: 1, References: 1