Page 11 of 104 results (0.005 seconds)

CVSS: 10.0EPSS: 12%CPEs: 41EXPL: 1

The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue. La función exception::getTraceAsString en Zend/zend_exceptions.c en PHP en versiones anteriores a 5.4.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8 permite a atacantes remotos ejecutar código arbitrario a través de un tipo de dato no esperado, relacionado con un caso "type confusion" . A flaw was discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code. • http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2015-1135.html http://rhn.redhat.com/errata/RHSA-2015-1186.html http://rhn.redhat.com/errata/RHSA-2015-1187.html http://rhn.redhat.com/errata/RHSA-2015-1218.html http://www.openwall.com/lists/oss-security/2015/06/16/12 http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html http://www.securityfocus.com/bid/75252 http://www.securitytracker.com/id/1032709 https://bugs.php. • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.5EPSS: 8%CPEs: 41EXPL: 1

The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule. La función mget en softmagic.c en file 5.x, tal como se utiliza en el componente Fileinfo en PHP en versiones anteriores a 5.4.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8, no mantiene correctamente una cierta relación de puntero, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a traves de una cadena manipulada que no es manejada correctamente por una regla "secuencia de comandos de texto ejecutable de Python". • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2015-1135.html http://rhn.redhat.com/errata/RHSA-2015-1186.html http://rhn.redhat.com/errata/RHSA-2015-1187.html http://www.openwall.com/lists/oss-security/2015/06/16/12 http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html http://www.securityfocus.com/bid/75241 http://www.securitytracker.com/id • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 8%CPEs: 41EXPL: 1

The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule. La función mcopy en softmagic.c en file 5.x, tal como se utiliza en el componente Fileinfo en PHP en versiones anteriores a 5.4.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8, no restringe correctamente un cierto valor de desplazamiento, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de una cadena manipulada que no es manejada correctamente por una regla "secuencia de comandos de texto ejecutable de Python". • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2015-1135.html http://rhn.redhat.com/errata/RHSA-2015-1186.html http://rhn.redhat.com/errata/RHSA-2015-1187.html http://www.openwall.com/lists/oss-security/2015/06/16/12 http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html http://www.securityfocus.com/bid/75233 http://www.securitytracker.com/id • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 6%CPEs: 7EXPL: 0

PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600. PHP en versiones anteriores a 5.6.7 podría permitir a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecuar código arbitrario a través de un tipo de dato no esperado, relacionado con casos "type confusion" en (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c y (3) ext/soap/soap.c, un caso diferente a CVE-2015-4600. Multiple flaws were discovered in the way PHP's Soap extension performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to disclose portion of its memory or crash. • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8 http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2015-1135.html http://rhn.redhat.com/errata/RHSA-2015-1218.html http://www.openwall.com/lists/oss-security/2015/06/16/12 http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html http://www.securityfocus.com/bid/75246 http://www.securitytracker.com/id/1032709 https://access.redhat.com/security/cve/CVE • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 10.0EPSS: 6%CPEs: 39EXPL: 1

The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods. La implementación SoapClient en PHP en versiones anteriores a 5.4.40, 5.5.x en versiones anteriores a 5.5.24 y 5.6.x en versiones anteriores a 5.6.8 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de un tipo de dato no esperado, relacionado con casos "type confusion" en los métodos (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies y (6) SoapClient::__setCookie. Multiple flaws were discovered in the way PHP's Soap extension performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to disclose portion of its memory or crash. • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0c136a2abd49298b66acb0cad504f0f972f5bfe8 http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2015-1135.html http://rhn.redhat.com/errata/RHSA-2015-1218.html http://www.openwall.com/lists/oss-security/2015/06/16/12 http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html http://www.securityfocus.com/bid/74413 http://www.securitytracker.com/id/1032709 https://bugs.php.net/bug.php?id=69152 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •