47 matches found
SUSE CVE-2004-1018
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via 1 a negative offset value to the shmopwrite function, 2 an "integer overflow/underflow" in the pack function, or 3 an "integer...
SUSE CVE-2007-1376
The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent attackers to read and write arbitrary memory locations via arguments associated with an inappropriate resource, as...
SUSE CVE-2011-1092
Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service crash and possibly read sensitive memory via a large third argument to the shmopread function...
The vulnerability of the ext/shmop/shmop.c component of the PHP programming language interpreter allows a attacker to cause a service failure or disclose protected information.
The vulnerability of the ext/shmop/shmop.c component of the PHP programming language interpreter is related to errors in number processing. Exploiting this vulnerability can allow an attacker to cause service failures or disclose sensitive information...
Updated php packages fix security vulnerabilities
Updated php packages fix security vulnerabilities: - Integer overflow in mysqlirealescapestring - Symlinks are followed when creating PHAR archive - shmop can't read beyond 2147483647 bytes - Integer overflow on substrreplace - Heap buffer overflow via strrepeat - Integer Overflow when...
Fedora 31 : php (2020-62ee541bbb)
PHP version 7.3.17 16 Apr 2020 Core: - Fixed bug php79364 When copy empty array, next key is unspecified. cmb - Fixed bug php78210 Invalid pointer address. cmb, Nikita CURL: - Fixed bug php79199 curlcopyhandle memory leak. cmb Date: - Fixed bug php79396 DateTime hour incorrect during DST jump...
Fedora 30 : php (2020-96cb012029)
PHP version 7.3.17 16 Apr 2020 Core: - Fixed bug php79364 When copy empty array, next key is unspecified. cmb - Fixed bug php78210 Invalid pointer address. cmb, Nikita CURL: - Fixed bug php79199 curlcopyhandle memory leak. cmb Date: - Fixed bug php79396 DateTime hour incorrect during DST jump...
CVE-2007-1376
The shmop functions in PHP before 4.4.5, and before 5.2.1 in the 5.x series, do not verify that their arguments correspond to a shmop resource, which allows context-dependent attackers to read and write arbitrary memory locations via arguments associated with an inappropriate resource, as...
PHP < 4.4.5 / 5.2.1 (shmop Functions) Local Code Execution Exploit
No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...
USN-1126-1: PHP vulnerabilities
Stephane Chazelas discovered that the /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. CVE-2011-0441 Raphael Geisert and Dan Rosenberg discovered that the PEAR installer allows local users to overwrite...
Integer overflow
Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service crash and possibly read sensitive memory via a large third argument to the shmopread function...
CVE-2011-1092
CVE-2011-1092 refers to an integer overflow in PHP 5.3.x before 5.3.6 (ext/shmop/shmop.c) that can cause a denial of service and potentially read sensitive memory via a large third argument to shmop_read. Public documents confirm PHP 5.3.x
PHP shmop 函数代码执行漏洞
No description provided by source...
SLES10: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...
SLES10: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...
SLES11: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-dom php5-exif php5-fastcgi php5-ftp php5-gd php5-gettex...
SLES10: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...
SLES10: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...
SLES10: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...
SLES10: Security update for PHP5
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...