EUVD-2011-4096

Malware in sbrugna...

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user...

php 5.3.8 - Multiple Vulnerabilities

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.3.8 Multiple vulnerabilities Author: Maksymilian Arciemowicz Website: http://cxsecurity.com/ Date: 14.01.2012 CVE: CVE-2011-4153 zendstrndup Original link: http://cxsecurity.com/research/103 --- 1. Multiple NUL...

Oracle Linux 5 : php (ELSA-2012-1045)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-1045 advisory. - fix issue in CVE-2012-0057 patch - fix memory handling in CVE-2012-0789 patch - add security fixes for CVE-2012-0057, CVE-2011-4153, CVE-2012-0789,...

CentOS Update for php CESA-2012:1045 centos5

Check for the Version of php OpenVAS Vulnerability Test CentOS Update for php CESA-2012:1045 centos5 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

RHEL 5 : php53 (RHSA-2012:1047)

Updated php53 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

php: zend_strndup() NULL pointer dereference may cause DoS

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...

Moderate: Red Hat Security Advisory: php53 security update

Updated php53 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

php: zend_strndup() NULL pointer dereference may cause DoS

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...

PHP 5.3.8 'tidy_diagnose()'空指针引用拒绝服务漏洞

Bugtraq ID: 51992 CVE ID：CVE-2012-0781 PHP是一种HTML内嵌式的语言 PHP 5.3.8中的tidydiagnose函数不正确过滤特制的输入，远程攻击者可以利用漏洞向应用程序提交恶意输入使Tidy::diagnose对非法对象进行操作，可触发空指针引用而使应用程序崩溃 0 PHP 5.3.8 厂商解决方案 PHP ----- 用户可参考如下供应商提供安全公告获得补丁信息： http://svn.php.net/viewvc?view=revision&revision=319254 Red Hat Enterprise Linux...

PHP 5.3.8 zend_strndup 拒绝服务漏洞

No description provided by source...

PHP ‘tidy_diagnose’函数拒绝服务漏洞

CVE-2012-0781 PHP是一款免费开放源代码的WEB脚本语言包，可使用在Microsoft Windows、Linux和Unix操作系统下。 PHP 5.3.8版本中的tidydiagnose函数中存在漏洞。远程攻击者可利用该漏洞借助对应用程序的特制输入，造成拒绝服务（空指针解引用进而应用程序崩溃），该应用程序试图在无效对象上执行Tidy::diagnose操作。 0 php:5.3.8 目前厂商还没有提供此漏洞的相关补丁或者升级程序，建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://us.php.net/sites.php -----BEGIN PGP...

PHP 5.3.8 Multiple vulnerabilities

PHP 5.3.8 Multiple vulnerabilities Author: Maksymilian Arciemowicz Website: http://cxsecurity.com/ Date: 14.01.2012 CVE: CVE-2011-4153 zendstrndup Original link: http://cxsecurity.com/research/103 --- 1. Multiple NULL Pointer Dereference with zendstrndup CVE-2011-4153 --- As we can see in...

PHP DoS

NULL pointer dereference because on unchecked zendstrndup return value...

CVE-2011-4153

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...

Null pointer dereference

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...

CVE-2011-4153

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...

CVE-2011-4153

CVE-2011-4153 is associated with PHP 5.3.8 where zend_strndup return value is not consistently checked, potentially enabling remote denial of service (NULL pointer dereference) via crafted input in applications performing strndup on untrusted data. Connected documents confirm affected environment...

CVE-2011-4153

PHP 5.3.8 does not always check the return value of the zendstrndup function, which might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that performs strndup operations on untrusted string data, as demonstrat...

PHP "zend_strndup()"多个空指针引用拒绝服务漏洞

BUGTRAQ ID: 51417 CVE ID: CVE-2011-4153 PHP是一种在电脑上运行的脚本语言，主要用途是在于处理动态网页，包含了命令行运行接口或者产生图形用户界面程序。 PHP在检验zendstrndup调用的返回值的实现上存在多个拒绝服务漏洞，攻击者可利用这些漏洞造成受影响应用崩溃，拒绝服务合法用户。 0 PHP 5.3.8 厂商补丁： PHP --- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.php.net...