CVE-2014-9767 – php: ZipArchive:: extractTo allows for directory traversal when creating directories
https://notcve.org/view.php?id=CVE-2014-9767
Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 and ext/zip/ext_zip.cpp in HHVM before 3.12.1 allows remote attackers to create arbitrary empty directories via a crafted ZIP archive. Vulnerabilidad de salto de directorio en la función ZipArchive::extractTo en ext/zip/php_zip.c en PHP en versiones anteriores a 5.4.45, 5.5.x en versiones anteriores a 5.5.29 y 5.6.x en versiones anteriores a 5.6.13 y ext/zip/ext_zip.cpp en HHVM en versiones anteriores a 3.12.1 permite a atacantes remotos crear directorios vacios arbitrarios a través de un archivo ZIP manipulado. • http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00058.html http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.openwall.com/lists/oss-security/2016/03/16/20 http://www.securityfocus.com/bid/76652 http:/ • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2014-1439
https://notcve.org/view.php?id=CVE-2014-1439
The libxml_disable_entity_loader function in runtime/ext/ext_simplexml.cpp in HipHop Virtual Machine for PHP (HHVM) before 2.4.0 and 2.3.x before 2.3.3 does not properly disable a certain libxml handler, which allows remote attackers to conduct XML External Entity (XXE) attacks. La función libxml_disable_entity_loader en runtime/ext/ext_simplexml.cpp en HipHop Virtual Machine para PHP (HHVM) anterior a 2.4.0 y 2.3.x anterior a 2.3.3 no deshabilita debidamente cierto manejador libxml, lo que permite a atacantes remotos llevar a cabo ataques de entidades externas XML (XXE). • http://www.hhvm.com/blog/3287/hhvm-2-4-0 https://exchange.xforce.ibmcloud.com/vulnerabilities/90979 https://github.com/facebook/hhvm/commit/95f96e7287effe2fcdfb9a5338d1a7e4f55b083b •