Internet Bug Bounty: Use after free with assign by ref to overloaded objects

Reported: 2015-07-15 16:30 UTC Fixed: 2015-07-21 14:20 UTC Bug Report: https://bugs.php.net/bug.php?id=70083 Fixed in PHP 5.6: http://git.php.net/?p=php-src.git;a=commitdiff;h=f57cb13c566613eec0e1c2f6d96d18565436a9b7 Fixed in 7:...

PHP <= 5.4.3 (com_event_sink) Denial of Service

No description provided by source. ?php / PHP = 5.4.3 comeventsink Code Execution Proof of Concept Found by condis Website: http://cond.psychodela.pl Tested on: PHP 5.3.8 + Windows XP SP3 Professional PL PHP 5.3.10 + Windows XP SP3 Professional PL PHP 5.4.0 + Windows XP SP3 Professional PL PHP...

GDL 4.2 - Multiple Vulnerabilities

Title : GDL 4.2 Multiple Vulnerabilities - Down. Script : http://kmrg.itb.ac.id/ - http://kmrg.itb.ac.id/gdl42.zip - Author : ByEge - Home : http://byege.blogspot.com.tr/ - Tested : Apache/2.2.22 Win32 PHP/5.4.3 - Date : 26/02/2014 - Google Dork : "Powered by GDL 4.2" And "gdl.php?mod=browse" -...

php5. 4. 3 remote code execution vulnerabilities, and provide the right kind of work-vulnerability warning-the black bar safety net

PHP comprinttypeinfovulnerability through PHP code to call"exec"to run the SHELL command With this mention of the right is not very convenient? // Exploit Title: PHP 5.4 5.4.3 Code Execution 0day Win32 // Exploit author: 0in Maksymilian Motyl // Email: 0indotemailatgmail.com // Bug with Variant...

PHP 5.4.3 - apache_request_headers Function Buffer Overflow (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'PHP apacherequestheaders Function...

PHP 5.4.3 (cli) code read vulnerability

Exploit for php platform in category web applications ============================================================= Exploit Title: PHP 5.4.3 cli code read vulnerability Date: 2012/13/06 Author: cheki Software Link: http://php.net/downloads.php Version: PHP 5.4.3 cli built: May 9 2012 15:06:10...

CVE-2012-2376

Buffer overflow in the comprinttypeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012...

CVE-2012-2376

Buffer overflow in the comprinttypeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012...

PHP 5.4.3 Null Pointer Dereference

4.1.0 and PHP 5. For more details check : http://php.net/manual/en/class.variant.php PS2: After running this via webserver my Apache wasn't able to handle requests anymore and I had to restart him :...

PHP CGI Query String Parameters Command Execution

Added: 05/15/2012 CVE: CVE-2012-1823 BID: 53388 OSVDB: 81633 Background PHP is a widely used general-purpose scripting language that is especially suited for Web development. Problem When configured as a CGI script aka php-cgi, PHP does not properly handle query string parameters which are passed...

PHP 5.4.3 (Windows x86 Polish) - Code Execution

// Exploit Title: PHP 5.4 5.4.3 Code Execution 0day Win32 // Exploit author: 0in Maksymilian Motyl // Email: 0indotemailatgmail.com // Bug with Variant type parsing originally discovered by Condis // Tested on Windows XP SP3 fully patched Polish =================== offset-brute.html...

PHP 5.4.3 (Windows x86 Polish) - Code Execution

PHP 5.4.3 Windows x86 Polish - Code Execution...