Internet Bug Bounty: Use after free with assign by ref to overloaded objects

Reported: 2015-07-15 16:30 UTC Fixed: 2015-07-21 14:20 UTC Bug Report: https://bugs.php.net/bug.php?id=70083 Fixed in PHP 5.6: http://git.php.net/?p=php-src.git;a=commitdiff;h=f57cb13c566613eec0e1c2f6d96d18565436a9b7 Fixed in 7:...

PHP < 5.3.11, 5.4.0 < 5.4.1 RC1 HTTP Header Injection Vulnerability

PHP is prone to an HTTP header injection vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

Fedora 17 : maniadrive-1.2-38.fc17 / php-5.4.1-1.fc17 (2012-6869)

Upstream Security Enhancements : - Fixed bug 54374 Insufficient validating of upload name leading to corrupted $FILES indices. CVE-2012-1172. - Add openbasedir checks to readlinewritehistory and readlinereadhistory. Upstream announce: http://www.php.net/archive/2012.phpid2012-04-26-1 Note that...

PHP 5.4.1 getimagesize() Denial of Service Memory leak

Exploit for php platform in category dos / poc PHP 5.4.1 getimagesize Denial of Service Memory leak Details: Getimagesize function is used to determine the size of an image. It recives one parameter as URI. Getimagesize doesn't implement any function to verify if the remote file that is been...