89 matches found
PHP SoapFault Type Confusion
Type Confusion Infoleak Vulnerability in unserialize with SoapFault Taoguang Chen - Write Date: 2015.3.1 - Release Date: 2015.4.28 A type confusion vulnerability was discovered in unserialize with SoapFault object's toString magic method that can be abused for leaking arbitrary memory blocks...
PHP Exception Type Confusion / Heap Overflow
Type Confusion Infoleak and Heap Overflow Vulnerability in unserialize with exception Taoguang Chen - Write Date: 2015.3.3 - Release Date: 2015.4.28 A type confusion vulnerability was discovered in exception object's toString/getTraceAsString method that can be abused for leaking arbitrary memory...
Sptoolkit Rebirth - Phishing Education Toolkit
The spt rebirth project is an open source phishing education toolkit that aims to help in securing the mind as opposed to securing computers. Organizations spend billions of dollars annually in an effort to safeguard information systems, but spend little to nothing on the under trained and...
PHP arbitrary file upload Vulnerability, CVE-2 0 1 5-2 3 4 8 analysis and use-vulnerability and early warning-the black bar safety net
Today, security researchers released a medium-risk vulnerabilities--PHP arbitrary file upload Vulnerability, CVE-2 0 1 5-2 3 4 8 in. Typically, the php developer will be the file name suffix, file typeContent-Type, Mime type, file size, etc. to be checked to limit the malicious php script is...
PHP 5.4.x < 5.4.39 Multiple Vulnerabilities
According to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.39. It is, therefore, affected by multiple vulnerabilities : - A use-after-free error exists related to function 'unserialize', which can allow a remote attacker to execute arbitrary code. Note that thi...
PHP unserialize() Use-After-Free
Use After Free Vulnerability in unserialize Taoguang Chen - Write Date: 2015.2.3 - Release Date: 2015.3.20 A use-after-free vulnerability was discovered in unserialize with a specially defined object's wakeup magic method that can be abused for leaking arbitrary memory blocks or execute arbitrary...
Internet Bug Bounty: ZIP Integer Overflow leads to writing past heap boundary
https://bugs.php.net/bug.php?id=69253 Integer overflow in the zipcdirnew function in zipdirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service...
Internet Bug Bounty: Use after free vulnerability in unserialize() with DateInterval
Use After Free Vulnerability in unserialize with DateInterval Taoguang Chen - Write Date: 2015.2.28 - Release Date: 2015.3.20 A use-after-free vulnerability was discovered in unserialize with DateInterval object's wakeup magic method that can be abused for leaking arbitrary memory blocks or execu...
PHP 5.4.x < 5.4.35 / 5.5.x < 5.5.19 / 5.6.x < 5.6.3 Out-of-Bounds Read
Binary data 8908.prm...
PHP 5.4.x < 5.4.28 / 5.5.x < 5.5.12 Privilege Escalation
Binary data 9096.prm...
PHP DateTime - Use-After-Free
Use After Free Vulnerability in unserialize with DateTime CVE-2015-0273 Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A use-after-free vulnerability was discovered in unserialize with DateTime/DateTimeZone/DateInterval/DatePeriod objects's wakeup magic method that can be abused...
PHP DateTimeZone Type Confusion Infoleak
Type Confusion Infoleak Vulnerability in unserialize with DateTimeZone Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A Type Confusion Vulnerability was discovered in unserialize with DateTimeZone object's wakeup magic method that can be abused for leaking arbitrary memory blocks...
Medium: php54
Issue Overview: sapi/cgi/cgimain.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a character and lacks a newlin...
Internet Bug Bounty: Use After Free Vulnerability in unserialize()
Use After Free Vulnerability in unserialize Taoguang Chen - Write Date: 2015.2.3 - Release Date: 2015.3.20 A use-after-free vulnerability was discovered in unserialize with a specially defined object's wakeup magic method that can be abused for leaking arbitrary memory blocks or execute arbitrary...
Internet Bug Bounty: Use after free vulnerability in unserialize() with DateTimeZone
A use-after-free vulnerability was discovered in unserialize with DateTime/DateTimeZone/DateInterval/DatePeriod objects's wakeup magic method that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely. Affected Versions ------------ Affected is PHP 5.6 5.6.6 Affecte...
PHP 5.4.x < 5.4.37 Multiple Vulnerabilities
According to its banner, the version of PHP 5.4.x installed on the remote host is prior to 5.4.37. It is, therefore, affected by multiple vulnerabilities: - The CGI component has an out-of-bounds read flaw in file 'cgimain.c' when nmap is used to process an invalid file that begins with a hash...
Fedora 19 : php-ZendFramework2-2.2.8-2.fc19 (2014-14043)
Security Fixes - ZF2014-05: Due to an issue that existed in PHP's LDAP extension, it is possible to perform an unauthenticated simple bind against a LDAP server by using a null byte for the password, regardless of whether or not the user normally requires a password. We have provided a patch in...
CVE-2014-3669
Integer overflow in the objectcustom function in ext/standard/varunserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via an argument to the unserialize function...
CVE-2014-3668
Buffer overflow in the datefromISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service application crash via 1 a crafted first argument to t...
PHP: Multiple vulnerabilities
Background PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Description Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact A...