K12253: PHP vulnerability CVE-2010-2225

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

PHP openssl_x509_parse() - Memory Corruption Vulnerability

No description provided by source. SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP opensslx509parse Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 4.0.6 - PHP 4.4.9 PHP...

PHP - openssl_x509_parse() Memory Corruption

PHP - opensslx509parse Memory Corruption SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP opensslx509parse Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 4.0.6 - PHP 4.4...

PHP openssl_x509_parse() Memory Corruption

SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP opensslx509parse Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 4.0.6 - PHP 4.4.9 PHP 5.0.x PHP 5.1.x PHP 5.2.x PHP 5.3....

PHP 4.4.x<4.4.9, 5.2.x<5.2.7 FastCGI Module 多句点请求拒绝服务漏洞

No description provided by source...

PHP 5.2.x<5.2.14,5.3.x<5.3.3 addcslashes函数信息泄露漏洞

No description provided by source...

PHP 5.2.x<5.2.14 strrchr函数信息泄露漏洞

No description provided by source...

PHP &quot;substr_replace()&quot;释放后重用远程内存破坏漏洞

BUGTRAQ ID: 46843 CVE ID: CVE-2011-1148 PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 PHP的"substrreplace"函数在实现上存在释放后重用远程内存破坏漏洞，远程攻击者可利用此漏洞在网络服务器中执行任意代码，造成拒绝服务。 此漏洞源于在将同一个变量多次发送到"substrreplace"函数时，PHP会使该函数中的三个变量使用同一个指针，所以当函数中的类型转换更改了该指针，该指针也会使其他变量无效。 PHP PHP 5.3.x PHP PHP 5.2.x 厂商补丁： PHP ---...

FreeBSD Ports: php5-filter

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD : php-filter -- Denial of Service (c623f058-10e7-11e0-becc-0022156e8794)

The following DoS condition in filter extension was fixed in PHP 5.3.4 and PHP 5.2.15 : Stack consumption vulnerability in the filtervar function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTERVALIDATEEMAIL mode is used, allows remote attackers to cause a denial of service memory...

Null pointer dereference

The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service NULL pointer dereference and application crash via a crafted ZIP archive...

CVE-2010-3709

The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service NULL pointer dereference and application crash via a crafted ZIP archive...

CVE-2010-3710

Stack consumption vulnerability in the filtervar function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTERVALIDATEEMAIL mode is used, allows remote attackers to cause a denial of service memory consumption and application crash via a long e-mail address string...

CVE-2010-3710

Stack consumption vulnerability in the filtervar function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTERVALIDATEEMAIL mode is used, allows remote attackers to cause a denial of service memory consumption and application crash via a long e-mail address string...

CVE-2010-2225

Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function...

PHP 5.2.x < 5.2.12 Multiple Vulnerabilities

Binary data 801091.prm...

Mandrake Security Advisory MDVSA-2009:090 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:090. OpenVAS Vulnerability Test $Id: mdksa2009090.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:090 php Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Mandrake Security Advisory MDVSA-2009:090 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:090. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...

Input validation

The phpzipmakerelativepath function in phpzip.c in PHP 5.2.x before 5.2.9 allows context-dependent attackers to cause a denial of service crash via a ZIP file that contains filenames with relative paths, which is not properly handled during extraction...

CVE-2009-1272

The phpzipmakerelativepath function in phpzip.c in PHP 5.2.x before 5.2.9 allows context-dependent attackers to cause a denial of service crash via a ZIP file that contains filenames with relative paths, which is not properly handled during extraction...