EUVD-2007-0982

Malware in sbrugna...

Denial Of Service (DoS)

php is vulnerable to denial of service. When unserializing untrusted data on 64-bit platforms, the zendhashinit function could be forced into an infinite loop, consuming CPU resources for a limited time, until the script timeout alarm aborted execution of the script...

Mandriva Update for php MDKSA-2007:048 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDKSA-2007:048 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Ubuntu Update for php5 vulnerabilities USN-424-1

Ubuntu Update for Linux kernel vulnerabilities USN-424-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4241.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for php5 vulnerabilities USN-424-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu 5.10 / 6.06 LTS / 6.10 : php5 vulnerabilities (USN-424-1)

Multiple buffer overflows have been discovered in various PHP modules. If a PHP application processes untrusted data with functions of the session or zip module, or various string functions, a remote attacker could exploit this to execute arbitrary code with the privileges of the web server...

Ubuntu 5.10 / 6.06 LTS / 6.10 : php5 regression (USN-424-2)

USN-424-1 fixed vulnerabilities in PHP. However, some upstream changes were not included, which caused errors in the stream filters. This update fixes the problem. We apologize for the inconvenience. Multiple buffer overflows have been discovered in various PHP modules. If a PHP application...

Important: Red Hat Security Advisory: php security update

Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A...

security flaw

The zendhashinit function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service infinite loop by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a...

MOPB-05-2007:PHP unserialize() 64 bit Array Creation Denial of Service Vulnerability

Summary A user supplied serialized string might trigger on 64 bit systems a tight endless loop within zendhashinit exhausting CPU ressources. Affected versions Affected is PHP 4.4.4/5.2.0 and below. Detailed information Before PHP 4.3.11 was released it was discovered that there is a problem in t...

PHP zend_hash_init function infinite loop

Infinite loop on 64-bit platforms...

php security update

CentOS Errata and Security Advisory CESA-2007:0081-01 Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting...

Mandrake Linux Security Advisory : php (MDKSA-2007:048)

A number of vulnerabilities were discovered in PHP language. Many buffer overflow flaws were discovered in the PHP session extension, the strreplace function, and the imapmailcompose function. An attacker able to use a PHP application using any of these functions could trigger these flaws and...

CVE-2007-0988

The zendhashinit function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service infinite loop by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a...

CVE-2007-0988

The zendhashinit function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service infinite loop by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a...

CVE-2007-0988

CVE-2007-0988 affects PHP 5 before 5.2.1 and PHP 4 before 4.4.5 on 64-bit platforms. The vulnerability occurs in zend_hash_init during unserialization of certain integer expressions, causing the script to use 32-bit arguments after a negative value check and potentially enter an infinite loop, le...

security flaw

The zendhashinit function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service infinite loop by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a...

FreeBSD : php -- memory_limit related vulnerability (dd7aa4f1-102f-11d9-8a8a-000c41e2cdad)

Stefan Esser of e-matters discovered a condition within PHP that may lead to remote execution of arbitrary code. The memorylimit facility is used to notify functions when memory contraints have been met. Under certain conditions, the entry into this facility is able to interrupt functions such as...