1318 matches found
Pimcore CMS 1.4.9 2.1.0 - Multiple Vulnerabilities
Pimcore CMS 1.4.9 2.1.0 - Multiple Vulnerabilities Vulnerabilities in Pimcore 1.4.9 to 2.1.0 inclusive Discovered by Pedro Ribeiro [email protected] of Agile Information Security ==================================================================== Disclosure: 14/04/2014 / Last updated: 12/10/2014...
Amazon Linux AMI : php55 (ALAS-2014-372)
acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document...
Amazon Linux AMI : php (ALAS-2014-393)
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. acinclude.m4, as used in the configure script...
CVE-2014-7235
htdocsari/includes/login.php in the ARI Framework module/Asterisk Recording Interface ARI in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ariauth cookie, related to the PHP unserialize function, as exploited in the wild in...
CVE-2014-7235
htdocsari/includes/login.php in the ARI Framework module/Asterisk Recording Interface ARI in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ariauth cookie, related to the PHP unserialize function, as exploited in the wild in...
CVE-2014-7235
CVE-2014-7235 affects the ARI Framework/FreePBX Asterisk Recording Interface login.php. An unauthenticated remote attacker can exploit via the ari_auth cookie to trigger unserialize-based code execution, with exploitation observed publicly and in the wild around 2014. Affected versions include Fr...
Design/Logic Flaw
The News ttnews extension before 3.5.2 for TYPO3 allows remote attackers to have unspecified impact via vectors related to an "insecure unserialize" issue...
CVE-2014-6290
The News ttnews extension before 3.5.2 for TYPO3 allows remote attackers to have unspecified impact via vectors related to an "insecure unserialize" issue...
PHP unserialize Call SPL ArrayObject and SPLObjectStorage Memory Corruption (CVE-2014-3515)
A memory corruption vulnerability exists in PHP. The vulnerability is due to type confusion in the unserialize function for SPL ArrayObject and SPLObjectStorage. An attacker can exploit this vulnerability if the application uses the vulnerable function...
PHP multiple vulnerabilities
The PHP Team reports: insecure temporary file use in the configure script unserialize SPL ArrayObject / SPLObjectStorage Type Confusion Heap buffer over-read in DateInterval fileinfo: cdfreadshortsector insufficient boundary check fileinfo: CDF infinite loop in nelements DoS fileinfo: fileinfo:...
Oracle Linux 5 / 6 : php53 / and / php (ELSA-2014-1012)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1012 advisory. - core: type confusion issue in phpinfo. CVE-2014-4721 - date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712 - core: fix heap-base...
php: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw
A type confusion issue was found in the SPL ArrayObject and SPLObjectStorage classes' unserialize method. A remote attacker able to submit specially crafted input to a PHP application, which would then unserialize this input using one of the aforementioned methods, could use this flaw to execute...
php: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw
A type confusion issue was found in the SPL ArrayObject and SPLObjectStorage classes' unserialize method. A remote attacker able to submit specially crafted input to a PHP application, which would then unserialize this input using one of the aforementioned methods, could use this flaw to execute...
php53 and php security update
5.3.3-27.1 - core: type confusion issue in phpinfo. CVE-2014-4721 - date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712 - core: fix heap-based buffer overflow in DNS TXT record parsing. CVE-2014-4049 - core: unserialize SPL ArrayObject / SPLObjectStorage type confusion flaw...
SugarCRM <= 6.3.1 unserialize() PHP Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
CubeCart 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability
No description provided by source. ------------------------------------------------------------------------- CubeCart = 5.2.0 cubecart.class.php PHP Object Injection Vulnerability ------------------------------------------------------------------------- - Software Link: http://www.cubecart.com/ -...
SugarCRM CE <= 6.3.1 "unserialize()" PHP Code Execution
No description provided by source. ?php / ------------------------------------------------------- SugarCRM CE = 6.3.1 unserialize PHP Code Execution ------------------------------------------------------- author...........: Egidio Romano aka EgiX mail.............: n0b0d13satgmaildotcom software...
RunCms <= 1.5.2 (debug_show.php) Remote SQL Injection Exploit
No description provided by source. ?php printr' -------------------------------------------------------------------------- RunCms = 1.5.2 /class/debug/debugshow.php sql injection / credentials disclosure exploit by rgod mail: retrog at alice dot it site: http://retrogod.altervista.org dork: Runcm...
PHP 4 unserialize() ZVAL Reference Counter Overflow (Cookie)
No description provided by source. $Id: phpunserializezvalcookie.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
CakePHP <= 1.3.5 / 1.2.8 unserialize() Vulnerability
No description provided by source. Source: http://securityreason.com/securityalert/8026 CakePHP = 1.3.5 / 1.2.8 unserialize Vulnerability felix |at| malloc.im =========================================================================== ==== Overview: CakePHP is a rapid development framework for PH...