Internet Bug Bounty: Use after free with assign by ref to overloaded objects

Reported: 2015-07-15 16:30 UTC Fixed: 2015-07-21 14:20 UTC Bug Report: https://bugs.php.net/bug.php?id=70083 Fixed in PHP 5.6: http://git.php.net/?p=php-src.git;a=commitdiff;h=f57cb13c566613eec0e1c2f6d96d18565436a9b7 Fixed in 7:...

PHP openssl_x509_parse() - Memory Corruption Vulnerability

No description provided by source. SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP opensslx509parse Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 4.0.6 - PHP 4.4.9 PHP...

PHP - openssl_x509_parse() Memory Corruption

PHP - opensslx509parse Memory Corruption SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP opensslx509parse Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 4.0.6 - PHP 4.4...

PHP openssl_x509_parse() Memory Corruption

SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP opensslx509parse Memory Corruption Vulnerability Release Date: 2013/12/13 Last Modified: 2013/12/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: PHP 4.0.6 - PHP 4.4.9 PHP 5.0.x PHP 5.1.x PHP 5.2.x PHP 5.3....

CVE-2012-4388

The sapiheaderop function in main/SAPI.c in PHP 5.4.0RC2 through 5.4.0 does not properly determine a pointer during checks for %0D sequences aka carriage return characters, which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improp...

php(5.3.10-5.4.0)_XSS_vulns.txt

============================================================================================= Vulnerable Software: PHP 5.3.10/5.4.0 php-5.3.10-Win32-VC9-x86.zip MD5 SUM: af452dfa681ae03ff42eea6d1c7348cd php-5.4.0-Win32-VC9-x86.zip MD5 SUM: b1b0abe883f84eb6d76793aabf1aa612 Downloaded...

PHP 5.3.10 / 5.4.0 Cross Site Scripting

============================================================================================= Vulnerable Software: PHP 5.3.10/5.4.0 php-5.3.10-Win32-VC9-x86.zip MD5 SUM: af452dfa681ae03ff42eea6d1c7348cd php-5.4.0-Win32-VC9-x86.zip MD5 SUM: b1b0abe883f84eb6d76793aabf1aa612 Downloaded...

PHP 'Content-Length'标头远程服务访问漏洞

BUGTRAQ ID: 52704 PHP是一种在电脑上运行的脚本语言，主要用途是在于处理动态网页，包含了命令行运行接口或者产生图形用户界面程序。 PHP在实现上存在远程拒绝服务漏洞，如果发送带有较大的Content-Length标头值的HTTP请求到内置的PHP网络服务器，攻击者可利用此漏洞耗尽可用的内存，拒绝服务合法用户。 0 PHP 5.5.0-DEV PHP 5.4.1RC1-DEV 厂商补丁： PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.php.net !/usr/bin/python Title: PHP 5.4....

PHP 5.4.0 Built-in Web Server DoS PoC

No description provided by source. !/usr/bin/python Title: PHP 5.4.0 Built-in Web Server DoS PoC Date: 16 March 2012 Author: ls [email protected] Reference: https://bugs.php.net/bug.php?id=61461 Comments: Fixed in PHP 5.4.1RC1-DEV and 5.5.0-DEV The value of the Content-Length header is...

PHP 5.4.0 Built-in Web Server - Denial of Service (PoC)

!/usr/bin/python Title: PHP 5.4.0 Built-in Web Server DoS PoC Date: 16 March 2012 Author: ls [email protected] Reference: https://bugs.php.net/bug.php?id=61461 Comments: Fixed in PHP 5.4.1RC1-DEV and 5.5.0-DEV The value of the Content-Length header is passed directly to a pemalloc call in...

PHP 5.4.0 Built-in Web Server - Denial of Service (PoC)

PHP 5.4.0 Built-in Web Server - Denial of Service PoC !/usr/bin/python Title: PHP 5.4.0 Built-in Web Server DoS PoC Date: 16 March 2012 Author: ls [email protected] Reference: https://bugs.php.net/bug.php?id=61461 Comments: Fixed in PHP 5.4.1RC1-DEV and 5.5.0-DEV The value of the...

PHP 5.4.0 Denial Of Service

!/usr/bin/python Title: PHP 5.4.0 Built-in Web Server DoS PoC Date: 16 March 2012 Author: ls [email protected] Reference: https://bugs.php.net/bug.php?id=61461 Comments: Fixed in PHP 5.4.1RC1-DEV and 5.5.0-DEV The value of the Content-Length header is passed directly to a pemalloc call in...