89 matches found
PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities
Binary data 8125.prm...
PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities
According to its banner, the version of PHP 5.5.x installed on the remote host is a version prior to 5.5.9. It is, therefore, potentially affected by the following vulnerabilities related to the GD extension : - A heap-based buffer overflow error exists related to the functions 'gdImageCrop' and...
PHP OpenSSL Extension 'openssl_x509_parse()'内存破坏漏洞
BUGTRAQ ID: 64225 CVECAN ID: CVE-2013-6420 PHP 5.3.27之前版本、5.4.22之前版本、5.5.6之前版本解析x.509证书时,"asn1timetotimet"函数ext/openssl/openssl.c出错,攻击者通过特制的x.509证书利用此漏洞可破坏内存。 0 PHP PHP 5.5.x PHP PHP 5.4.x PHP PHP 5.3.x 厂商补丁: PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.php.net...
PHP 5.5.x < 5.5.7 OpenSSL openssl_x509_parse() Memory Corruption
According to its banner, the version of PHP 5.5.x installed on the remote host is a version prior to 5.5.7. It is, therefore, potentially affected by a memory corruption flaw in the way the opensslx509parse function of the PHP OpenSSL extension parsed X.509 certificates. A remote attacker could u...
PHP 5.5.x < 5.5.1 xml.c Buffer Overflow
Binary data 6999.prm...
PHP 5.5.x < 5.5.1 xml.c Buffer Overflow
According to its banner, the version of PHP 5.5.x installed on the remote host is a version prior to 5.5.1. It is, therefore, potentially affected by a buffer overflow error that exists in the file 'ext/xml/xml.c'. Note that this plugin does not attempt to exploit this vulnerability, but instead...
Fedora 17 : php-pecl-radius-1.2.7-1.fc17 (2013-11992)
Version 1.2.7 - Fix a security issue in radiusgetvendorattr by enforcing checks of the VSA length field against the buffer size. Adam Version 1.2.6 - Support added for PHP 5.4 and 5.5. Johannes - Fixed bug 60885 Radius module causing Apache segmentation fault. Adam - Fixed a crash when calling...
Fedora 19 : php-pecl-radius-1.2.7-1.fc19 (2013-11911)
RPM change : - provide the ZTS extension Version 1.2.7 - Fix a security issue in radiusgetvendorattr by enforcing checks of the VSA length field against the buffer size. Adam Version 1.2.6 - Support added for PHP 5.4 and 5.5. Johannes - Fixed bug 60885 Radius module causing Apache segmentation...
code injection in `Wrapper::buildClientWrapperCode` via manipulation of the `$client` argument
security fix: hardened the Client::send method against misuse of the $method argument issue 81. Abusing its value, it was possible to force the client to access local files or connect to undesired urls instead of the intended target server's url the one used in the Client constructor. This weakne...