Lucene search
K

151 matches found

seebug.org
seebug.org
added 2011/03/18 12:0 a.m.59 views

PHP "substr_replace()"释放后重用远程内存破坏漏洞

BUGTRAQ ID: 46843 CVE ID: CVE-2011-1148 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP的"substrreplace"函数在实现上存在释放后重用远程内存破坏漏洞,远程攻击者可利用此漏洞在网络服务器中执行任意代码,造成拒绝服务。 此漏洞源于在将同一个变量多次发送到"substrreplace"函数时,PHP会使该函数中的三个变量使用同一个指针,所以当函数中的类型转换更改了该指针,该指针也会使其他变量无效。 PHP PHP 5.3.x PHP PHP 5.2.x 厂商补丁: PHP ---...

7.5CVSS8.2AI score0.04609EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2011/03/18 12:0 a.m.88 views

PHP 5.3 < 5.3.6 Multiple Vulnerabilities

According to its banner, the version of PHP 5.3.x installed on the remote host is older than 5.3.6. - A NULL pointer can be dereferenced in the function 'zipnamelocate' when processing empty archives and can lead to application crashes or code execution. Exploitation requires the...

7.5CVSS8.9AI score0.17881EPSS
Exploits25References23
OpenVAS
OpenVAS
added 2011/01/24 12:0 a.m.35 views

FreeBSD Ports: pecl-phar

The remote host is missing an update to the system as announced in the referenced advisory. VID da3d381b-0ee6-11e0-becc-0022156e8794 OpenVAS Vulnerability Test $ Description: Auto generated from VID da3d381b-0ee6-11e0-becc-0022156e8794 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

6.8CVSS9.4AI score0.12652EPSS
Exploits1
OpenVAS
OpenVAS
added 2011/01/24 12:0 a.m.33 views

FreeBSD Ports: php5-filter

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS7.9AI score0.03091EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2011/01/14 12:0 a.m.27 views

Mandriva Update for php-phar MDVSA-2011:004 (php-phar)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS5.2AI score0.12652EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2011/01/13 12:0 a.m.59 views

FreeBSD : php-filter -- Denial of Service (c623f058-10e7-11e0-becc-0022156e8794)

The following DoS condition in filter extension was fixed in PHP 5.3.4 and PHP 5.2.15 : Stack consumption vulnerability in the filtervar function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTERVALIDATEEMAIL mode is used, allows remote attackers to cause a denial of service memory...

4.3CVSS7.5AI score0.03091EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2011/01/11 3:0 a.m.33 views

CVE-2010-4645

strtod.c, as used in the zendstrtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service infinite loop via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU...

5CVSS7.2AI score0.15103EPSS
Exploits1References2
Prion
Prion
added 2011/01/11 3:0 a.m.22 views

Design/Logic Flaw

strtod.c, as used in the zendstrtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service infinite loop via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU...

5CVSS6.8AI score0.15103EPSS
Exploits1References28Affected Software1
CVE
CVE
added 2011/01/11 1:0 a.m.237 views

CVE-2010-4645

The CVE-2010-4645 entry concerns PHP’s strtod.c in the zend_strtod path, affecting PHP 5.2.x before 5.2.17 and 5.3.x before 5.3.5, and other products. The flaw arises from improper handling of a specific floating-point value in scientific notation (notably 2.2250738585072011e-308) in x87 FPU regi...

5CVSS8.5AI score0.15103EPSS
Exploits1References28Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/01/07 12:0 a.m.137 views

PHP 5.2 < 5.2.17 / 5.3 < 5.3.5 String To Double Conversion DoS

According to its banner, the version of PHP 5.x installed on the remote host is older than 5.2.17 or 5.3.5. Such versions may experience a crash while performing string to double conversion for certain numeric values. Only x86 32-bit PHP processes are known to be affected by this issue regardless...

5CVSS8.1AI score0.15103EPSS
Exploits1References5
FreeBSD
FreeBSD
added 2010/12/13 12:0 a.m.33 views

pecl-phar -- format string vulnerability

Entry for CVE-2010-2094 says: Multiple format string vulnerabilities in the phar extension in PHP 5.3 before 5.3.2 allow context-dependent attackers to obtain sensitive information memory contents and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the 1...

6.8CVSS7.3AI score0.12652EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2010/12/10 12:0 a.m.52 views

PHP 5.3 < 5.3.4 Multiple Vulnerabilities

Binary data 801074.prm...

6.8CVSS7.6AI score0.18878EPSS
Exploits20References19
Prion
Prion
added 2010/12/07 10:0 p.m.25 views

Double free

Double free vulnerability in the imapdoopen function in the IMAP extension ext/imap/phpimap.c in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service memory corruption or possibly execute arbitrary code via unspecified vectors...

5CVSS8AI score0.06008EPSS
Exploits0References22Affected Software1
UbuntuCve
UbuntuCve
added 2010/12/07 10:0 p.m.31 views

CVE-2010-4150

Double free vulnerability in the imapdoopen function in the IMAP extension ext/imap/phpimap.c in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service memory corruption or possibly execute arbitrary code via unspecified vectors...

5CVSS7.1AI score0.06008EPSS
Exploits0References1
CVE
CVE
added 2010/12/07 9:0 p.m.146 views

CVE-2010-4150

CVE-2010-4150 : A double-free in the IMAP extension (ext/imap/php_imap.c) of PHP causes memory corruption, enabling denial of service and potentially arbitrary code execution. Affected versions: PHP 5.2 before 5.2.15 and PHP 5.3 before 5.3.4. The issue stems from improper handling in imap_do_open...

5CVSS6.6AI score0.06008EPSS
Exploits0References22Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/11/22 12:0 a.m.42 views

Mandriva Linux Security Advisory : php (MDVSA-2010:239)

A possible double free flaw was found in the imap extension for php CVE-2010-4150. A GC corrupting flaw was found in Zend/zendgc.c for php-5.3.x that under certain circumstances could cause a segmention fault crash. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please...

5CVSS6.8AI score0.06008EPSS
Exploits0References4
NVD
NVD
added 2010/11/10 3:0 a.m.22 views

CVE-2010-4156

The mbstrcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter aka the length parameter...

5CVSS5.8AI score0.12786EPSS
Exploits1References18
Prion
Prion
added 2010/11/10 3:0 a.m.22 views

Code injection

The mbstrcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter aka the length parameter...

5CVSS6.3AI score0.12786EPSS
Exploits1References18Affected Software1
CVE
CVE
added 2010/11/10 1:0 a.m.101 views

CVE-2010-4156

CVE-2010-4156 affects Libmbfl 1.1.0 as used in PHP 5.3.x up to 5.3.3. The mb_strcut function can disclose memory when the length parameter is large, enabling context-dependent attackers to access potentially sensitive information. The connected documents confirm the issue and list affected adviso...

5CVSS5.7AI score0.12786EPSS
Exploits1References18Affected Software1
Cvelist
Cvelist
added 2010/11/10 1:0 a.m.24 views

CVE-2010-4156

The mbstrcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter aka the length parameter...

5.6AI score0.12786EPSS
Exploits1References18
Rows per page
Query Builder