CVE-2015-6838

CVE-2015-6838 affects PHP’s XSLTProcessor (ext/xsl/xsltprocessor.c). When libxml2 before 2.9.2 is used, the code does not guard the return value of valuePop(), allowing a NULL pointer dereference that can crash the application (denial of service). The vulnerability is documented as: PHP versions ...

Amazon Linux AMI : php54 (ALAS-2016-670)

A NULL pointer dereference flaw was found in the XSLTProcessor class in PHP. An attacker could use this flaw to cause a PHP application to crash if it performed Extensible Stylesheet Language XSL transformations using untrusted XSLT files and allowed the use of PHP functions to be used as XSLT...

Amazon Linux: Security Advisory (ALAS-2016-670)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: rh-php56-php security update

Updated rh-php56-php packages that fix multiple security issues are now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

SUSE SLES11 Security Update : php53 (SUSE-SU-2015:1818-1)

This update of PHP5 brings several security fixes. Security fixes : - CVE-2015-6831: A use after free vulnerability in unserialize has been fixed which could be used to crash php or potentially execute code. bnc942291 bnc942294 bnc942295 - CVE-2015-6836: A SOAP serializefunctioncall type confusio...

Amazon Linux AMI : php55 (ALAS-2015-602)

As reported upstream, A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. CVE-2015-7803 A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the...

Medium: php55

Issue Overview: As reported upstream https://bugs.php.net/bug.php?id=69720, A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. CVE-2015-7803 A flaw was discovered in the way PHP performed object...

openSUSE Security Update : php5 (openSUSE-2015-609)

The PHP5 script interpreter was updated to fix various security issues : - CVE-2015-6831: A use after free vulnerability in unserialize has been fixed which could be used to crash php or potentially execute code. bnc942291 bnc942294 bnc942295 - CVE-2015-6832: A dangling pointer in the...

Security update for php5 (important)

The PHP5 script interpreter was updated to fix various security issues: CVE-2015-6831: A use after free vulnerability in unserialize has been fixed which could be used to crash php or potentially execute code. bnc942291 bnc942294 bnc942295 CVE-2015-6832: A dangling pointer in the unserialization ...

CVE-2011-3881

WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS UXSS attacks via vectors related to 1 the DOMWindow::clear function and use of a selection object, 2 the...

Design/Logic Flaw

WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS UXSS attacks via vectors related to 1 the DOMWindow::clear function and use of a selection object, 2 the...

CVE-2011-3881

WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS UXSS attacks via vectors related to 1 the DOMWindow::clear function and use of a selection object, 2 the...

CVE-2011-3881

CVE-2011-3881 affects WebKit as used in Google Chrome <15.0.874.102 and Android

CVE-2009-1169

The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an XML file with a crafted XSLT transform...

xml2owl 0.1.1 showCode.php Remote Command Execution Vulnerability

Exploit for unknown platform in category web applications ================================================================= xml2owl 0.1.1 showCode.php Remote Command Execution Vulnerability =================================================================...

xml2owl 0.1.1 - showcode.php Remote Command Execution

xml2owl 0.1.1 - showcode.php Remote Command Execution --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg...

xml2owl 0.1.1 - 'showcode.php' Remote Command Execution

--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Remote...