Lucene search

53 matches found

CNVD
added 2016/05/04 12:0 a.m., 1 views

PHP 'ext/filter/sanitizing_filters.c' integer overflow vulnerability

PHP (PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. An integer overflow vulnerability exists in PHP's ext/filter/sanitizing_filters.c file. An attacker could exploit this vulnerability to cause a...

CVSS 9.8, AI score 9.1, EPSS 0.05175
Exploits: 1, References: 1

RedHat Linux
added 2015/06/25 8:31 a.m., 71 views

Important: Red Hat Security Advisory: php55-php security update

Updated php55-php packages that fix multiple security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...

CVSS 10, AI score 7.5, EPSS 0.50129
Exploits: 20, References: 16

Gentoo Linux
added 2015/03/08 12:0 a.m., 67 views

PHP: Multiple vulnerabilities

Background: PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Description: Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact: A remote attacke...

CVSS 7.5, AI score 9.5, EPSS 0.53166
Exploits: 12

Fedora
added 2015/02/06 4:3 a.m., 62 views

[SECURITY] Fedora 20 Update: php-5.5.21-1.fc20

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

CVSS 7.5, AI score 0.4, EPSS 0.53166
Exploits: 21

ThreatPost
added 2015/01/23 11:2 a.m., 44 views

PHP 5.6.5 Released With Several Security Fixes

Several new versions of PHP have been released, fixing a number of security vulnerabilities and other bugs in the popular scripting language. PHP 5.6.5 is the newest version of the language, and it has patches for a handful of vulnerabilities, including a use-after-free flaw that could lead to...

CVSS 7.5, AI score 0.8, EPSS 0.1689
Exploits: 1, References: 3

securityvulns
added 2014/11/03 12:0 a.m., 120 views

[USN-2391-1] php5 vulnerabilities

Ubuntu Security Notice USN-2391-1, October 30, 2014: php5 vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 7.5, AI score 0.9, EPSS 0.28862
Exploits: 3

The Hacker News
added 2013/10/24 1:30 p.m., 10 views

Google detected Malware on PHP.net website; Flagged as 'Suspicious' site

If you are trying to visit the php.net website today, the official website of the PHP scripting language, you will likely see the result shown above instead of the original website. Chrome and Firefox are currently flagging the site as "suspicious" and as containing malware that can harm your computer...

AI score 6.5
Exploits: 0

Fedora
added 2013/09/08 11:25 p.m., 71 views

[SECURITY] Fedora 18 Update: php-5.4.19-1.fc18

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

CVSS 7.5, AI score 0.6, EPSS 0.10136
Exploits: 4

OpenVAS
added 2013/08/20 12:0 a.m., 30 views

Fedora Update for mantis FEDORA-2013-5801

Check for the version of mantis. OpenVAS Vulnerability Test: Fedora Update for mantis FEDORA-2013-5801. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the term...

AI score 5.4, EPSS 0.02348
Exploits: 0, References: 2

Fedora
added 2013/04/25 12:47 a.m., 53 views

[SECURITY] Fedora 18 Update: mantis-1.2.15-1.fc18

Mantis is a free popular web-based issue tracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a web server. Almost any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis-1.2.15...

CVSS 6.1, AI score 5.7, EPSS 0.02759
Exploits: 1

Tenable Nessus
added 2012/08/01 12:0 a.m., 276 views

Scientific Linux Security Update : php53 on SL5.x i386/x86_64 (20120627)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user...

CVSS 7.5, AI score 8.8, EPSS 0.50723
Exploits: 56, References: 10

OpenVAS
added 2012/05/28 12:0 a.m., 43 views

Fedora Update for php FEDORA-2012-7586

Check for the version of php. OpenVAS Vulnerability Test: Fedora Update for php FEDORA-2012-7586. Authors: System Generated Check. Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the terms of t...

CVSS 7.5, AI score 10, EPSS 0.99998
Exploits: 41, References: 2

Saint
added 2012/05/15 12:0 a.m., 127 views

PHP CGI Query String Parameters Command Execution

Added: 05/15/2012. CVE: CVE-2012-1823. BID: 53388. OSVDB: 81633. Background: PHP is a widely used general-purpose scripting language that is especially suited for Web development. Problem: When configured as a CGI script (aka php-cgi), PHP does not properly handle query string parameters which are passed...

CVSS 7.5, AI score 10, EPSS 0.99998
Exploits: 41

ThreatPost
added 2011/08/24 11:51 a.m., 14 views

PHP 5.3.8 Released, Fixes Crypto Bug

A day after warning users about a serious bug in the cryptographic function in PHP 5.3.7 and telling them not to upgrade to that release, the maintainers of the scripting language pushed out version 5.3.8, which fixes the crypto problem as well as another security related issue. PHP 5.3.7, which...

AI score 7
Exploits: 0, References: 2

ThreatPost
added 2011/08/22 1:45 p.m., 11 views

Serious Crypto Bug Found in PHP 5.3.7

The maintainers of the PHP scripting language are warning users about a serious crypto problem in the latest release and advising them not to upgrade to PHP 5.3.7 until the bug is resolved. PHP 5.3.7 was just released last week and that version contained fixes for a slew of security...

Exploits: 0, References: 2

0day.today
added 2011/03/10 12:0 a.m., 36 views

Esselbach Storyteller CMS System Version 1.8 SQL Injection Vulnerability

Exploit for php platform in category web applications. Exploit Title: Esselbach Storyteller CMS System Version 1.8 page.php Remote SQL Injection Vulnerability. Date: March, 9th 2011 GMT +7. Author: Shamus. Software Link: http://www.esselbach.com/. Version: Esselbach Storyteller CMS System Version 1.8...

AI score 7.1
Exploits: 0

Fedora
added 2010/08/23 10:8 p.m., 51 views

[SECURITY] Fedora 12 Update: php-5.3.3-1.fc12

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

CVSS 7.5, AI score 0.6, EPSS 0.11528
Exploits: 6

seebug.org
added 2010/03/04 12:0 a.m., 65 views

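PHP tempnam() function safe_mode validation security restriction bypass vulnerability

BUGTRAQ ID: 38431. PHP is a widely used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. When the directory path does not end with "/", PHP's tempnam function does not correctly perform the safe_mode validation, so an attacker can bypass the security restriction and gain read and write access to the directory. Affected: PHP 5.3.x, PHP 5.2.x. Vendor patch: PHP. The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://svn.php.net/viewvc/php/php-src/branches/PHP53/ext/session/session.c?view=log...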

AI score 7
Exploits: 0

RedHat Linux
added 2009/04/06 4:34 p.m., 2 views

php: FastCGI module DoS via multiple dots preceding the extension

PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php...

CVSS 5, AI score 7.2, EPSS 0.03346
Exploits: 1, References: 4

OpenVAS
added 2009/02/17 12:0 a.m., 23 views

Fedora Update for mantis FEDORA-2008-8925

Check for the version of mantis. OpenVAS Vulnerability Test: Fedora Update for mantis FEDORA-2008-8925. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the term...

CVSS 5, AI score 6.4, EPSS 0.01884
Exploits: 0, References: 2