10 matches found
EUVD-2007-0900
Malware in sbrugna...
EUVD-2007-1880
Malware in sbrugna...
CVE-2007-1885
Integer overflow in the strreplace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length counter. NOTE: this is probably...
CVE-2008-7055
module.php in ezContents 2.0.3 allows remote attackers to bypass the directory traversal protection mechanism to include and execute arbitrary local files via "....//" doubled dot dot slash sequences in the link parameter, which is not properly filtered using the strreplace function...
Directory traversal
module.php in ezContents 2.0.3 allows remote attackers to bypass the directory traversal protection mechanism to include and execute arbitrary local files via "....//" doubled dot dot slash sequences in the link parameter, which is not properly filtered using the strreplace function...
MySQL secondary vulnerability of simple prevention-vulnerability warning-the black bar safety net
This article is mainly for PHP MySQL simple operation proposed to produce a secondary vulnerability causes, and prevention programmes. A, ask questions As is known, the database operation for some special characters such as single quotes“'”, backslash“\”and other meta-characters have a strict...
Integer overflow
Integer overflow in the strreplace function in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via a single character search string in conjunction with a long replacement string, which overflows a 32 bit length counter. NOTE: this is probably...
CVE-2007-1886
CVE-2007-1886 : PHP 4.4.5 and 5.2.1 have an integer overflow in the str_replace function (off-by-one) that attackers can trigger with a single-character search and replacement string. Affected component: PHP core string handling. Reported impact in sources: partial confidentiality, partial integr...
PHP Str_Replace()整数溢出漏洞
PHP是一款广泛使用的WEB开发脚本语言。 PHP strreplace内存分配存在整数溢出,远程攻击者可利用此漏洞以应用程序进程权限执行任意指令。 当strreplace调用后,代码会根据搜索路径长度切换到两个不同代码路径。单个字符搜索字符串会又不同函数处理,因为这可导致效率更高。有效方法部分代码如下: ZSTRLENPresult = len + charcount tolen - 1; ZSTRVALPresult = target = emallocZSTRLENPresult + 1; ZTYPEPresult = ISSTRING;...
security flaw
Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the 1 session, 2 zip, 3 imap, and 4 sqlite extensions; 5 stream filters; and the 6 strreplace, 7 mail, 8 ibasedeleteuser, 9 ibaseadduser, and 1...