24 matches found
EUVD-2011-0466
Malware in sbrugna...
libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)
No description provided by source. Source: http://securityreason.com/securityalert/8146 libzip 0.9.3 zipnamelocate NULL Pointer Dereference incl PHP 5.3.5 Author: Maksymilian Arciemowicz http://securityreason.com/ http://cxib.net/ Date: - Dis.: 03.01.2011 - Pub.: 18.03.2011 CVE: CVE-2011-0421 CER...
PHP 5.3.5 grapheme_extract() NULL Pointer Dereference
No description provided by source...
DocuWiki 2012/01/25 CSRF / XSS
Exploit for php platform in category web applications DokuWiki Ver.2012/01/25 Latest Version CSRF Add User Exploit Discovered by : Khashayar Fereidani Team Website : HTTP://IRCRASH.COM IRCRASH Security Community Facebook : http://facebook.com/fereidani Twitter : https://twitter.com/!/IRCRASH...
DocuWiki 2012/01/25 Cross Site Request Forgery / Cross Site Scripting
DokuWiki Ver.2012/01/25 Latest Version CSRF Add User Exploit Discovered by : Khashayar Fereidani Team Website : HTTP://IRCRASH.COM IRCRASH Security Community Facebook : http://facebook.com/fereidani Twitter : https://twitter.com/!/IRCRASH Facebook Page :...
PHP 5.3.5 - socket_connect() Local Buffer Overflow
PHP 5.3.5 - socketconnect Local Buffer Overflow...
USN-1126-1: PHP vulnerabilities
Stephane Chazelas discovered that the /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. CVE-2011-0441 Raphael Geisert and Dan Rosenberg discovered that the PEAR installer allows local users to overwrite...
Code injection
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/...
CVE-2011-0441
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/...
CVE-2011-0441
CVE-2011-0441 is a local vulnerability in PHP 5.x packages (notably the Debian/Ubuntu php5 package) where the /etc/cron.d/php5 cron job can be abused by a local user to delete arbitrary files via a symlink attack on a directory under /var/lib/php5. The Debian advisory DSA 2195-1 and Ubuntu USN-13...
libzip 0.9.3 _zip_name_locate空指针引用(incl PHP 5.3.5)
CVE ID: CVE-2011-0421 libzip是读取、创建和修改zip文档的库。 libzip 0.9.3 zipnamelocate在实现上存在空指针引用漏洞,远程攻击者可利用此漏洞进行拒绝服务。 设置ZIPFLUNCHANGED标签后,libzip可使远程和本地攻击者进行拒绝服务攻击。对于空zip文件和ZIPFLUNCHANGED旗标,libzip会发生崩溃。目前对于PHP,安全影响只是远程拒绝服务。 PHP PHP 5.3.5 libzip libzip 0.9.3 厂商补丁: libzip ------...
libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)
libzip 0.9.3 zipnamelocate NULL Pointer Dereference incl PHP 5.3.5 Author: Maksymilian Arciemowicz http://securityreason.com/ http://cxib.net/ Date: - Dis.: 03.01.2011 - Pub.: 18.03.2011 CVE: CVE-2011-0421 CERT: VU325039 Affected Software: - libzip 0.9.3 - PHP 5.3.5 fixed 5.3.6 Original URL:...
libzip 0.9.3 _zip_name_locate NULL Pointer Dereference (incl PHP 5.3.5)
Exploit for linux platform in category dos / poc libzip 0.9.3 zipnamelocate NULL Pointer Dereference incl PHP 5.3.5 Author: Maksymilian Arciemowicz http://securityreason.com/ http://cxib.net/ Date: - Dis.: 03.01.2011 - Pub.: 18.03.2011 CVE: CVE-2011-0421 CERT: VU325039 Affected Software: - libzip...
PHP 5.3.5 libzip 0.9.3 - _zip_name_locate Null Pointer Dereference
Source: http://securityreason.com/securityalert/8146 libzip 0.9.3 zipnamelocate NULL Pointer Dereference incl PHP 5.3.5 Author: Maksymilian Arciemowicz http://securityreason.com/ http://cxib.net/ Date: - Dis.: 03.01.2011 - Pub.: 18.03.2011 CVE: CVE-2011-0421 CERT: VU325039 Affected Software: -...
PHP 5.3.5 libzip 0.9.3 - _zip_name_locate Null Pointer Dereference
PHP 5.3.5 libzip 0.9.3 - zipnamelocate Null Pointer Dereference Source: http://securityreason.com/securityalert/8146 libzip 0.9.3 zipnamelocate NULL Pointer Dereference incl PHP 5.3.5 Author: Maksymilian Arciemowicz http://securityreason.com/ http://cxib.net/ Date: - Dis.: 03.01.2011 - Pub.:...
CVE-2011-1153
CVE-2011-1153 involves multiple format string vulnerabilities in the php phar extension, specifically phar_object.c, affecting PHP 5.3.5 and earlier. The issue allows context-dependent attackers to obtain sensitive data from process memory, cause memory corruption (DoS), or potentially execute ar...
CVE-2011-1153
Multiple format string vulnerabilities in pharobject.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service memory corruption, or possibly execute arbitrary code via format string specifiers...
PHP 5.3.5 grapheme_extract() NULL Pointer Dereference
PHP 5.3.5 graphemeextract NULL Pointer Dereference Author: Maksymilian Arciemowicz http://securityreason.com/ http://cxib.net/ Date: - Dis.: 09.12.2010 - Pub.: 17.02.2011 CVE: CVE-2011-0420 CERT: VU210829 Affected Software: - PHP 5.3.5 Fixed: SVN Original URL:...
CVE-2011-0420
The graphemeextract function in the Internationalization extension Intl for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service crash via an invalid size argument, which triggers a NULL pointer dereference...
Null pointer dereference
The graphemeextract function in the Internationalization extension Intl for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial of service crash via an invalid size argument, which triggers a NULL pointer dereference...