49 matches found
PHP Out of Bounds Read Vulnerability (Jan 2015)
PHP is prone to an out of bounds read vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...
Out-of-bounds
sapi/cgi/cgimain.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a character and lacks a newline character, whi...
CVE-2014-9427
sapi/cgi/cgimain.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a character and lacks a newline character, whi...
FreeBSD : django -- multiple vulnerabilities (59e72db2-cae6-11e3-8420-00e0814cab4e)
The Django project reports : These releases address an unexpected code-execution issue, a caching issue which can expose CSRF tokens and a MySQL typecasting issue. While these issues present limited risk and may not affect all Django users, we encourage all users to evaluate their own risk and...
Unexpected code execution using reverse()
Django incorrectly handle dotted Python paths when using the django.core.urlresolvers.reverse function. An attacker can use this issue to cause Django to import arbitrary modules from the Python path, resulting in possible code execution...
django -- multiple vulnerabilities
The Django project reports: These releases address an unexpected code-execution issue, a caching issue which can expose CSRF tokens and a MySQL typecasting issue. While these issues present limited risk and may not affect all Django users, we encourage all users to evaluate their own risk and...
eGlibc - Signedness Code Execution
Exploit Title: eGlibc Signedness Vulnerability Date: November 2011 Exploit Author: c0ntex Vendor Homepage: http://www.eglibc.org Software Link: http://www.eglibc.org/home Version: eGlibc supplied by Ubuntu 10.4 LTS Tested on: Ubuntu 10.4 LTS CVE : CVE-2011-2702 A delicious, yet slightly cold...
RHEL 4 : glibc (RHSA-2012:0125)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0125 advisory. - glibc: tzfileread integer overflow to buffer overflow CVE-2009-5029 - glibc: ldd unexpected code execution issue CVE-2009-5064 - glibc:...
Fedora 12 : openoffice.org-3.1.1-19.32.fc12 (2010-9576)
A security vulnerability in OpenOffice.org, related to python scripting, might lead to unexpected code execution when using the built-in scripting IDE for exploring python code. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...