Internet Bug Bounty: memory corruption in wordwrap function

Please check: https://bugs.php.net/bug.php?id=73017...

PHP 5.1.x < 5.1.5 Multiple Vulnerabilities

According to its banner, the version of PHP 5.x installed on the remote host is older than 5.1.5. Such versions may be affected by the following vulnerabilities : - The c-client library 2000, 2001, or 2004 for PHP does not check the safemode or openbasedir functions. CVE-2006-1017 - A buffer...

PHP 5.2.x<5.2.14,5.3.x<5.3.3 strip_tags,setcookie,strtok,wordwrap,str_word_count,str_pad 函数信息

No description provided by source...

php 4.3.3 wordwrap 缓冲区溢出漏洞

No description provided by source...

SuSE9 Security Update : PHP4 (YOU Patch Number 12049)

This update fixes multiple bugs in php : - several problems in pcre CVE-2007-1660, CVE-2006-7225, CVE-2006-7224, CVE-2006-7226 CVE-2007-1659, CVE-2006-7230 - Flaws in processing multi byte sequences in htmlentities/htmlspecialchars. CVE-2007-5898 - overly long arguments to the dl function could...

Ubuntu Update for php5 vulnerabilities USN-549-1

Ubuntu Update for Linux kernel vulnerabilities USN-549-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5491.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for php5 vulnerabilities USN-549-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Gentoo Security Advisory GLSA 200605-08 (php)

The remote host is missing updates announced in advisory GLSA 200605-08. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-1578-1 : php4 - several vulnerabilities

Several vulnerabilities have been discovered in PHP version 4, a server-side, HTML-embedded scripting language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3799 The sessionstart function allows remote attackers to insert arbitrary attributes int...

openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-4810)

This update fixes multiple bugs in php : - use system pcre library to fix several pcre vulnerabilities CVE-2007-1659, CVE-2006-7230, CVE-2007-1660, CVE-2006-7227 CVE-2005-4872, CVE-2006-7228 - Flaws in processing multi byte sequences in htmlentities/htmlspecialchars CVE-2007-5898 - overly long...

Debian DSA-1444-2 : php5 - several vulnerabilities

It was discovered that the patch for CVE-2007-4659 could lead to regressions in some scenarios. The fix has been reverted for now, a revised update will be provided in a future PHP DSA. For reference the original advisory below : Several remote vulnerabilities have been discovered in PHP, a...

[SECURITY] [DSA 1444-1] New php5 packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1444-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 03, 2008 http://www.debian.org/security/faq -...

Ubuntu 7.10 : php5 regression (USN-549-2)

USN-549-1 fixed vulnerabilities in PHP. However, some upstream changes were incomplete, which caused crashes in certain situations with Ubuntu 7.10. This update fixes the problem. We apologize for the inconvenience. It was discovered that the wordwrap function did not correctly check lengths...

Ubuntu 5.04 / 5.10 / 6.06 LTS : php4, php5 vulnerabilities (USN-320-1)

The phpinfo PHP function did not properly sanitize long strings. A remote attacker could use this to perform cross-site scripting attacks against sites that have publicly-available PHP scripts that call phpinfo. Please note that it is not recommended to publicly expose phpinfo. CVE-2006-0996 An...

php floating point exception inside wordwrap

The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service divide-by-zero error and application crash, or infinite loop via certain arguments, as demonstrated by a 'chr0, 0, ""'...

php floating point exception inside wordwrap

The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service divide-by-zero error and application crash, or infinite loop via certain arguments, as demonstrated by a 'chr0, 0, ""'...

Moderate: Red Hat Security Advisory: php security update

Updated PHP packages that fix several security issues are now available for Red Hat Application Stack. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. The...

PHP: Multiple vulnerabilities

Background PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Description Several vulnerabilities were found in PHP. Mattias Bengtsson and Philip Olausson reported integer overflows in the gdImageCreate and...

php security update

CentOS Errata and Security Advisory CESA-2007:0889 Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting languag...

php floating point exception inside wordwrap

The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service divide-by-zero error and application crash, or infinite loop via certain arguments, as demonstrated by a 'chr0, 0, ""'...

Moderate: Red Hat Security Advisory: php security update

Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server...