10 matches found
EUVD-2007-0900
Malware in sbrugna...
EUVD-2007-1880
Malware in sbrugna...
CVE-2007-1885
Integer overflow in the strreplace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length counter. NOTE: this is probably...
Directory traversal
module.php in ezContents 2.0.3 allows remote attackers to bypass the directory traversal protection mechanism to include and execute arbitrary local files via "....//" doubled dot dot slash sequences in the link parameter, which is not properly filtered using the strreplace function...
CVE-2008-7055
module.php in ezContents 2.0.3 allows remote attackers to bypass the directory traversal protection mechanism to include and execute arbitrary local files via "....//" doubled dot dot slash sequences in the link parameter, which is not properly filtered using the strreplace function...
MySQL secondary vulnerability of simple prevention-vulnerability warning-the black bar safety net
This article is mainly for PHP MySQL simple operation proposed to produce a secondary vulnerability causes, and prevention programmes. A, ask questions As is known, the database operation for some special characters such as single quotes“'”, backslash“\”and other meta-characters have a strict...
Integer overflow
Integer overflow in the strreplace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length counter. NOTE: this is probably...
CVE-2007-1886
CVE-2007-1886 : PHP 4.4.5 and 5.2.1 have an integer overflow in the str_replace function (off-by-one) that attackers can trigger with a single-character search and replacement string. Affected component: PHP core string handling. Reported impact in sources: partial confidentiality, partial integr...
PHP Str_Replace()整数溢出漏洞
PHP是一款广泛使用的WEB开发脚本语言。 PHP strreplace内存分配存在整数溢出,远程攻击者可利用此漏洞以应用程序进程权限执行任意指令。 当strreplace调用后,代码会根据搜索路径长度切换到两个不同代码路径。单个字符搜索字符串会又不同函数处理,因为这可导致效率更高。有效方法部分代码如下: ZSTRLENPresult = len + charcount tolen - 1; ZSTRVALPresult = target = emallocZSTRLENPresult + 1; ZTYPEPresult = ISSTRING;...
security flaw
Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the 1 session, 2 zip, 3 imap, and 4 sqlite extensions; 5 stream filters; and the 6 strreplace, 7 mail, 8 ibasedeleteuser, 9 ibaseadduser, and 1...