46 matches found
SUSE CVE-2004-1018
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via 1 a negative offset value to the shmopwrite function, 2 an "integer overflow/underflow" in the pack function, or 3 an "integer...
SUSE CVE-2007-1376
The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent attackers to read and write arbitrary memory locations via arguments associated with an inappropriate resource, as...
SUSE CVE-2011-1092
Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service crash and possibly read sensitive memory via a large third argument to the shmopread function...
Updated php packages fix security vulnerabilities
Updated php packages fix security vulnerabilities: - Integer overflow in mysqlirealescapestring - Symlinks are followed when creating PHAR archive - shmop can't read beyond 2147483647 bytes - Integer overflow on substrreplace - Heap buffer overflow via strrepeat - Integer Overflow when...
Fedora 31 : php (2020-62ee541bbb)
PHP version 7.3.17 16 Apr 2020 Core: - Fixed bug php79364 When copy empty array, next key is unspecified. cmb - Fixed bug php78210 Invalid pointer address. cmb, Nikita CURL: - Fixed bug php79199 curlcopyhandle memory leak. cmb Date: - Fixed bug php79396 DateTime hour incorrect during DST jump...
Fedora 30 : php (2020-96cb012029)
PHP version 7.3.17 16 Apr 2020 Core: - Fixed bug php79364 When copy empty array, next key is unspecified. cmb - Fixed bug php78210 Invalid pointer address. cmb, Nikita CURL: - Fixed bug php79199 curlcopyhandle memory leak. cmb Date: - Fixed bug php79396 DateTime hour incorrect during DST jump...
CVE-2007-1376
The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent attackers to read and write arbitrary memory locations via arguments associated with an inappropriate resource, as...
PHP < 4.4.5 / 5.2.1 (shmop Functions) Local Code Execution Exploit
No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...
USN-1126-1: PHP vulnerabilities
Stephane Chazelas discovered that the /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. CVE-2011-0441 Raphael Geisert and Dan Rosenberg discovered that the PEAR installer allows local users to overwrite...
Integer overflow
Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service crash and possibly read sensitive memory via a large third argument to the shmopread function...
CVE-2011-1092
CVE-2011-1092 refers to an integer overflow in PHP 5.3.x before 5.3.6 (ext/shmop/shmop.c) that can cause a denial of service and potentially read sensitive memory via a large third argument to shmop_read. Public documents confirm PHP 5.3.x
PHP shmop 函数代码执行漏洞
No description provided by source...
SLES10: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...
SLES10: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...
SLES11: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-dom php5-exif php5-fastcgi php5-ftp php5-gd php5-gettex...
SLES10: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...
SLES10: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...
SLES10: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...
SLES10: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...
SLES11: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-dom php5-exif php5-fastcgi php5-ftp php5-gd php5-gettex...