151 matches found
PHP "substr_replace()"释放后重用远程内存破坏漏洞
BUGTRAQ ID: 46843 CVE ID: CVE-2011-1148 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP的"substrreplace"函数在实现上存在释放后重用远程内存破坏漏洞,远程攻击者可利用此漏洞在网络服务器中执行任意代码,造成拒绝服务。 此漏洞源于在将同一个变量多次发送到"substrreplace"函数时,PHP会使该函数中的三个变量使用同一个指针,所以当函数中的类型转换更改了该指针,该指针也会使其他变量无效。 PHP PHP 5.3.x PHP PHP 5.2.x 厂商补丁: PHP ---...
PHP 5.3 < 5.3.6 Multiple Vulnerabilities
According to its banner, the version of PHP 5.3.x installed on the remote host is older than 5.3.6. - A NULL pointer can be dereferenced in the function 'zipnamelocate' when processing empty archives and can lead to application crashes or code execution. Exploitation requires the...
FreeBSD Ports: pecl-phar
The remote host is missing an update to the system as announced in the referenced advisory. VID da3d381b-0ee6-11e0-becc-0022156e8794 OpenVAS Vulnerability Test $ Description: Auto generated from VID da3d381b-0ee6-11e0-becc-0022156e8794 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...
FreeBSD Ports: php5-filter
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Mandriva Update for php-phar MDVSA-2011:004 (php-phar)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
FreeBSD : php-filter -- Denial of Service (c623f058-10e7-11e0-becc-0022156e8794)
The following DoS condition in filter extension was fixed in PHP 5.3.4 and PHP 5.2.15 : Stack consumption vulnerability in the filtervar function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTERVALIDATEEMAIL mode is used, allows remote attackers to cause a denial of service memory...
CVE-2010-4645
strtod.c, as used in the zendstrtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service infinite loop via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU...
Design/Logic Flaw
strtod.c, as used in the zendstrtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service infinite loop via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU...
CVE-2010-4645
The CVE-2010-4645 entry concerns PHP’s strtod.c in the zend_strtod path, affecting PHP 5.2.x before 5.2.17 and 5.3.x before 5.3.5, and other products. The flaw arises from improper handling of a specific floating-point value in scientific notation (notably 2.2250738585072011e-308) in x87 FPU regi...
PHP 5.2 < 5.2.17 / 5.3 < 5.3.5 String To Double Conversion DoS
According to its banner, the version of PHP 5.x installed on the remote host is older than 5.2.17 or 5.3.5. Such versions may experience a crash while performing string to double conversion for certain numeric values. Only x86 32-bit PHP processes are known to be affected by this issue regardless...
pecl-phar -- format string vulnerability
Entry for CVE-2010-2094 says: Multiple format string vulnerabilities in the phar extension in PHP 5.3 before 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the 1...
PHP 5.3 < 5.3.4 Multiple Vulnerabilities
Binary data 801074.prm...
Double free
Double free vulnerability in the imapdoopen function in the IMAP extension ext/imap/phpimap.c in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service memory corruption or possibly execute arbitrary code via unspecified vectors...
CVE-2010-4150
Double free vulnerability in the imapdoopen function in the IMAP extension ext/imap/phpimap.c in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service memory corruption or possibly execute arbitrary code via unspecified vectors...
CVE-2010-4150
CVE-2010-4150 : A double-free in the IMAP extension (ext/imap/php_imap.c) of PHP causes memory corruption, enabling denial of service and potentially arbitrary code execution. Affected versions: PHP 5.2 before 5.2.15 and PHP 5.3 before 5.3.4. The issue stems from improper handling in imap_do_open...
Mandriva Linux Security Advisory : php (MDVSA-2010:239)
A possible double free flaw was found in the imap extension for php CVE-2010-4150. A GC corrupting flaw was found in Zend/zendgc.c for php-5.3.x that under certain circumstances could cause a segmention fault crash. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please...
CVE-2010-4156
The mbstrcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter aka the length parameter...
Code injection
The mbstrcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter aka the length parameter...
CVE-2010-4156
CVE-2010-4156 affects Libmbfl 1.1.0 as used in PHP 5.3.x up to 5.3.3. The mb_strcut function can disclose memory when the length parameter is large, enabling context-dependent attackers to access potentially sensitive information. The connected documents confirm the issue and list affected adviso...
CVE-2010-4156
The mbstrcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter aka the length parameter...