Page 45 of 589 results (0.018 seconds)

CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0

acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. acinclude.m4, utilizado en la secuencia de comandos de configuración en PHP 5.5.13 y anteriores, permite a usuarios locales sobrescribir archivos arbitrarios a través de un ataque de enlace simbólico sobre el archivo /tmp/phpglibccheck. • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=91bcadd85e20e50d3f8c2e9721327681640e6f16 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://marc.info/?l=bugtraq&m=141017844705317&w=2 http://marc.info/?l=bugtraq&m=141390017113542&w=2 http://openwall.com/lists/oss-security/2014/06/06/12 http://seclists.org/fulldisclosure/2014/Jun/21 http://support.apple.com/kb/HT6443 http://www-01.ibm.com/support/docview.wss?uid=swg21683486 http://www.oracl • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 5.0EPSS: 10%CPEs: 5EXPL: 0

The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long. La función cdf_read_property_info en cdf.c en el componente Fileinfo en PHP anterior a 5.4.29 y 5.5.x anterior a 5.5.13 permite a atacantes remotos causar una denegación de servicio (bucle infinito o acceso a memoria fuera de rango) a través de un vector que (1) tiene longitud cero o (2) es demasiado largo. A denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.html http://rhn.redhat.com/errata/RHSA-2014-1765.html http://rhn.redhat.com/errata/RHSA-2014-1766.html http://secunia.com/advisories/59061 http://secunia.com/advisories/59329 http://secunia.com/advisories/59418 http://secunia.com/advisories/60998 http://support.apple.com/kb/HT6443 http://www-01.ibm.com/support/docview.wss?uid=swg21 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 5.0EPSS: 4%CPEs: 5EXPL: 0

The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls. La función cdf_unpack_summary_info en cdf.c en el componente Fileinfo en PHP anterior a 5.4.29 y 5.5.x anterior a 5.5.13 permite a atacantes remotos causar una denegación de servicio (degradación de rendimiento) mediante la provocación de muchas llamadas file_printf. A denial of service flaw was found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. • http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2014-07/msg00002.html http://rhn.redhat.com/errata/RHSA-2014-1765.html http://rhn.redhat.com/errata/RHSA-2014-1766.html http://secunia.com/advisories/59061 http://secunia.com/advisories/59329 http://secunia.com/advisories/59418 http://secunia.com/advisories/60998 http://support.apple.com/kb/HT6443 http://www-01.ibm.com/support/docview.wss?uid=swg21 • CWE-399: Resource Management Errors CWE-407: Inefficient Algorithmic Complexity •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 1

sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in PHP before 5.4.28 and 5.5.x before 5.5.12 uses 0666 permissions for the UNIX socket, which allows local users to gain privileges via a crafted FastCGI client. sapi/fpm/fpm/fpm_unix.c en FastCGI Process Manager (FPM) en PHP anterior a 5.4.28 y 5.5.x anterior a 5.5.12 utiliza permisos 0666 para el socket UNIX, lo que permite a usuarios locales ganar privilegios a través de un cliente FastCGI manipulado. • http://lists.opensuse.org/opensuse-updates/2015-10/msg00012.html http://secunia.com/advisories/59061 http://secunia.com/advisories/59329 http://support.apple.com/kb/HT6443 http://www.openwall.com/lists/oss-security/2014/04/29/5 http://www.php.net/ChangeLog-5.php http://www.php.net/archive/2014.php#id2014-05-01-1 https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1307027 https://bugs.php.net/bug.php?id=67060 https://bugzilla.redhat.com/show_bug.cgi • CWE-269: Improper Privilege Management •

CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 2

The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters. La expresión regular BEGIN en el detector de script de awk en el archivo magic/Magdir/commands anterior a 5.15 utiliza múltiples comodines con repeticiones ilimitadas, lo que permite a atacantes dependientes de contexto causar una denegación de servicio (consumo de CPU) a través de un archivo ASCII manipulado que provoca una gran cantidad de retroceso, como se demostró a través de un archivo con muchos caracteres de nueva línea. A denial of service flaw was found in the File Information (fileinfo) extension rules for detecting AWK files. A remote attacker could use this flaw to cause a PHP application using fileinfo to consume an excessive amount of CPU. • http://bugs.gw.com/view.php?id=164 http://rhn.redhat.com/errata/RHSA-2014-1765.html http://support.apple.com/kb/HT6443 http://www.debian.org/security/2014/dsa-2873 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703993 https://github.com/file/file/commit/ef2329cf71acb59204dd981e2c6cce6c81fe467c https://access.redhat.com/security/cve/CVE-2013-7345 https://bugzilla.redhat.com/show_bug.cgi?id=1079846 • CWE-407: Inefficient Algorithmic Complexity •