Lucene search
K

35 matches found

seebug.org
seebug.org
added 2007/03/14 12:0 a.m.14 views

PHP <= 5.2.1 session_regenerate_id() Double Free Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/12 12:0 a.m.38 views

PHP 5.2.0 (OSX) - EXT/Filter Space Trimming Buffer Underflow

?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan...

7.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2007/03/10 12:19 a.m.36 views

CVE-2007-1375

Integer overflow in the substrcompare function in PHP 5.2.1 and earlier allows context-dependent attackers to read sensitive memory via a large value in the length argument, a different vulnerability than CVE-2006-1991...

5CVSS5.9AI score0.08156EPSS
Exploits1References2
securityvulns
securityvulns
added 2007/03/10 12:0 a.m.39 views

MOPB-14-2007:PHP substr_compare() Information Leak Vulnerability

Summary PHP 5 comes with the substrcompare function that allows binary safe, optionally case insensitive, comparison of 2 strings from an offset, up to length characters. Due to an integer overflow while performing sanity checks on the arguments it is possible to compare offsets far outside the...

1.6AI score
Exploits0
seebug.org
seebug.org
added 2007/03/08 12:0 a.m.10 views

PHP <= 5.2.1 substr_compare() Information Leak Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || // // | |/ || '|/ |/ -| ' / -/ |||| /| || / //...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/03/07 12:0 a.m.11 views

PHP <= 5.2.1 substr_compare() Information Leak Exploit

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/03/07 12:0 a.m.16 views

PHP <= 5.2.1 substr_compare() Information Leak Exploit

Exploit for multiple platform in category local exploits ====================================================== PHP = 5.2.1 substrcompare Information Leak Exploit ====================================================== ?php //////////////////////////////////////////////////////////////////////// /...

6.9AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/07 12:0 a.m.35 views

PHP 5.2.1 - &#039;substr_compare()&#039; Information Leak

?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan...

7AI score
Exploits0
exploitpack
exploitpack
added 2007/03/07 12:0 a.m.13 views

PHP 5.2.1 - substr_compare() Information Leak

PHP 5.2.1 - substrcompare Information Leak ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.41 views

SUSE-SA:2006:031: PHP4,PHP5

The remote host is missing the patch for the advisory SUSE-SA:2006:031 PHP4,PHP5. This update fixes the following security issues in the PHP scripting language, both version 4 and 5: - Invalid characters in session names were not blocked. - CVE-2006-2657: A bug in zendhashdel allowed attackers to...

6.4CVSS8.2AI score0.1038EPSS
Exploits4
seebug.org
seebug.org
added 2006/10/29 12:0 a.m.12 views

PHP多个远程安全漏洞

PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP的substrcompare函数没有正确的验证偏移/长度参数。此外,PHP还没有正确的处理会话名称中的某些字符。攻击者可以利用这些漏洞远程执行任意代码。 PHP PHP 4.4.x 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.php.net/downloads.php...

7.1AI score
Exploits0
Ubuntu
Ubuntu
added 2006/07/19 10:58 p.m.118 views

USN-320-1: PHP vulnerabilities

The phpinfo PHP function did not properly sanitize long strings. A remote attacker could use this to perform cross-site scripting attacks against sites that have publicly-available PHP scripts that call phpinfo. Please note that it is not recommended to publicly expose phpinfo. CVE-2006-0996 An...

9.3CVSS8AI score0.20514EPSS
Exploits10
UbuntuCve
UbuntuCve
added 2006/04/24 11:2 p.m.34 views

CVE-2006-1991

The substrcompare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service memory access violation via an out-of-bounds offset argument...

6.4CVSS7.2AI score0.02186EPSS
Exploits1References2
Prion
Prion
added 2006/04/24 11:2 p.m.25 views

Design/Logic Flaw

The substrcompare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service memory access violation via an out-of-bounds offset argument...

6.4CVSS6.4AI score0.02186EPSS
Exploits1References12Affected Software1
Cvelist
Cvelist
added 2006/04/24 11:0 p.m.26 views

CVE-2006-1991

The substrcompare function in string.c in PHP 5.1.2 allows context-dependent attackers to cause a denial of service memory access violation via an out-of-bounds offset argument...

6.1AI score0.02186EPSS
Exploits1References12
Rows per page
Query Builder