
2150 matches found

Prion
added 2007/08/20 7:17 p.m., 14 views

Design/Logic Flaw

Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified (a) LD_LIBRARY_PATH and (b) MONO_GAC_PREFIX environment variables...

CVSS 4.6, AI score 7.1, EPSS 0.00035
Exploits: 0, References: 6, Affected Software: 1
NVD
added 2007/08/13 9:17 p.m., 17 views

CVE-2007-4304

CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages"...

CVSS 6.2, AI score 6.4, EPSS 0.00048
Exploits: 0, References: 1
Prion
added 2007/08/13 9:17 p.m., 9 views

Design/Logic Flaw

CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages"...

CVSS 6.2, AI score 6.9, EPSS 0.00048
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2007/08/13 9:0 p.m., 18 views

CVE-2007-4304

CerbNG for FreeBSD 4.8 does not properly implement VM protection when attempting to prevent system call wrapper races, which allows local users to have an unknown impact related to an "incorrect write protection of pages"...

AI score 6.4, EPSS 0.00048
Exploits: 0, References: 1
RedHat Linux
added 2007/07/19 2:46 a.m., 2 views

security flaw

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper...

CVSS 9.3, AI score 7.8, EPSS 0.15741
Exploits: 1, References: 4
RedHat Linux
added 2007/07/19 2:33 a.m., 2 views

security flaw

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper...

CVSS 9.3, AI score 7.8, EPSS 0.15741
Exploits: 1, References: 4
RedHat Linux
added 2007/07/19 1:54 a.m., 2 views

security flaw

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper...

CVSS 9.3, AI score 7.8, EPSS 0.15741
Exploits: 1, References: 4
Prion
added 2007/06/22 6:30 p.m., 19 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...

CVSS 4.3, AI score 6, EPSS 0.00333
Exploits: 0, References: 4, Affected Software: 1
NVD
added 2007/06/22 6:30 p.m., 18 views

CVE-2007-3367

Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from...

CVSS 7.8, AI score 6.1, EPSS 0.00418
Exploits: 0, References: 4
Prion
added 2007/06/22 6:30 p.m., 14 views

Information disclosure

Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from...

CVSS 7.8, AI score 6.6, EPSS 0.00418
Exploits: 0, References: 4, Affected Software: 1
Cvelist
added 2007/06/22 6:0 p.m., 18 views

CVE-2007-3366

Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown; the details are obtained solely from thir...

AI score 5.6, EPSS 0.00333
Exploits: 0, References: 4
Cvelist
added 2007/06/22 6:0 p.m., 23 views

CVE-2007-3367

Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown; the details are obtained solely from...

AI score 6.1, EPSS 0.00418
Exploits: 0, References: 4
CVE
added 2007/06/22 6:0 p.m., 49 views

CVE-2007-3366

CVE-2007-3366 describes a Cross-site scripting (XSS) vulnerability in the Simple CGI Wrapper (scgiwrap) used by cPanel, affecting cPanel before 10.9.1 and 11.x before 11.4.19-R14378. The issue allows remote attackers to inject arbitrary web script or HTML via the request URI. The connected docume...

CVSS 4.3, AI score 5.6, EPSS 0.00333
Exploits: 0, References: 4, Affected Software: 1
UbuntuCve
added 2007/06/20 9:30 p.m., 25 views

CVE-2007-3294

Multiple buffer overflows in libtidy, as used in the Tidy extension for PHP 5.2.3 and possibly other products, allow context-dependent attackers to execute arbitrary code via (1) a long second argument to the tidy_parse_string function or (2) an unspecified vector to the tidy_repair_string function. NOTE...

CVSS 7.5, AI score 6.3, EPSS 0.0702
Exploits: 0, References: 1
Packet Storm
added 2007/03/20 12:0 a.m., 18 views

MOPB-pecl.txt

Proof of concept code from the Hardened-PHP Project. (C) Copyright 2007 Stefan...

AI score 7.4
Exploits: 0
Exploit DB
added 2007/03/20 12:0 a.m., 56 views

PHP 5.2.1 - 'hash_update_file()' Freed Resource Usage

Proof of concept code from the Hardened-PHP Project. (C) Copyright 2007 Stefan...

AI score 7.4
Exploits: 0
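seebug.org
added 2007/03/17 12:0 a.m., 51 views

PHP BZip2/Zip Wrappers Module Multiple Safe_Mode and Open_Basedir Restriction Bypass Vulnerabilities

PHP is a widely used scripting language for web development. The BZip2/Zip Wrappers module included in PHP has a restriction bypass issue; a remote attacker can exploit this vulnerability to write arbitrary file data to unauthorized locations or access sensitive information. The compress.bzip2:// URL wrapper defined by the bz2 extension and the zip:// URL defined by PECL zip do not enforce any safe_mode or open_basedir restrictions, which can lead to bypassing security restrictions, writing arbitrary file data to unauthorized locations or accessing sensitive information. PHP PHP 5.2.1 PHP PHP 5.1.6 PHP PHP 5.1.5 PHP PHP 5.1.4 PHP PHP 5.1.3 PHP PHP 5.1.3 PHP...

AI score 6.8
Exploits: 0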
securityvulns
added 2007/03/17 12:0 a.m., 35 views

MOPB-21-2007: PHP compress.bzip2:// URL Wrapper safe_mode and open_basedir Bypass Vulnerability

Summary: The compress.bzip2:// URL Wrapper defined by the bz2 extension does not perform any safe_mode or open_basedir checks and therefore allows access to archives outside the basedir or safe_mode restrictions. Affected versions: Affected is PHP = 5.2.1. Detailed information: No details needed. Proof o...

AI score 1.3
Exploits: 0
UbuntuCve
added 2007/03/14 6:19 p.m., 20 views

CVE-2007-1460

The zip:// URL wrapper provided by the PECL zip extension in PHP before 4.4.7, and 5.2.0 and 5.2.1, does not implement safe_mode or open_basedir checks, which allows remote attackers to read ZIP archives located outside of the intended directories...

CVSS 5, AI score 6, EPSS 0.01192
Exploits: 1, References: 1
UbuntuCve
added 2007/03/14 6:19 p.m., 29 views

CVE-2007-1461

The compress.bzip2:// URL wrapper provided by the bz2 extension in PHP before 4.4.7, and 5.x before 5.2.2, does not implement safe_mode or open_basedir checks, which allows remote attackers to read bzip2 archives located outside of the intended directories...

CVSS 7.8, AI score 6, EPSS 0.0119
Exploits: 1, References: 1