Page 48 of 321 results (0.016 seconds)

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2012-0831 – php: PG(magic_quote_gpc) was not restored on shutdown

https://notcve.org/view.php?id=CVE-2012-0831

PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c. PHP anterior a v5.3.10 no realizan de forma adecuada un cambio temporal a la directiva magic_quotes_gpc durante la importación de variables de entorno, lo que simplifica a atacantes remotos conducir ataques de inyección SQL a través de peticiones manipuladaas, relacionado con main/php_variables.c, sapi/cgi/cgi_main.c, y sapi/fpm/fpm/fpm_main.c. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html http://rhn.redhat.com/errata/RHSA-2013-1307.html h • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 15%CPEs: 45EXPL: 1

CVE-2012-0788 – PHP PDORow Object - Remote Denial of Service

https://notcve.org/view.php?id=CVE-2012-0788

The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server. La implementación de PDORow en PHP anterior a v5.3.9 no interactúan adecuadamente con la función de la sesión, que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de una aplicación hecha a mano que utiliza un controlador para una DOP a buscar y luego llama a la función session_start , como lo demuestra una caída del servidor HTTP Apache. • https://www.exploit-db.com/exploits/36682 http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html http://secunia.com/advisories/48668 http://www.php.net/ChangeLog-5.php#5.3.9 https://bugs.php.net/bug.php?id=55776 https://bugzilla.redhat.com/show_bug.cgi?id=783605 • CWE-20: Improper Input Validation •

CVSS: 6.4EPSS: 0%CPEs: 47EXPL: 0

CVE-2012-0057 – php: XSLT file writing vulnerability

https://notcve.org/view.php?id=CVE-2012-0057

PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension. PHP en versiones anteriores a la 5.3.9 tiene configuraciones de seguridad libxslt inapropiadas, lo que permite a atacantes remotos crear ficheros arbitrarios a través de hojas de estilo XSLT que utilizan una extensión libxslt. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html http://openwall.com/lists/oss-security/2012/01/13/10 http://openwall.com/lists/oss-security/2012/01/13/4 http://openwall.com/lists/oss-security/2012/01/13/5 http://openwall.com • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 4%CPEs: 1EXPL: 4

CVE-2012-0781 – PHP 5.3.8 - Multiple Vulnerabilities

https://notcve.org/view.php?id=CVE-2012-0781

The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153. La función tidy_diagnose de PHP v5.3.8 podría permitir a atacantes remotos provocar una denegación de servicio (puntero a NULL y caída de la aplicación) a través del ingreso de determinados datos a una aplicación que intenta realizar operaciones tidy::diagnose sobre objetos no válidos. Se trata de una vulnerabilidad diferente a la CVE -2011-4153. • https://www.exploit-db.com/exploits/18370 http://archives.neohapsis.com/archives/bugtraq/2012-01/0092.html http://cxsecurity.com/research/103 http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html http://secunia.com/advisories/48668 http://www.exploit-db.com/exploits/18370 https://access.redhat.com/security/cve/CVE-2012-0781 https://bugzilla.redhat.com/show_bug.cgi?id=782951 • CWE-399: Resource Management Errors CWE-476: NULL Pointer Dereference •

CVSS: 5.0EPSS: 4%CPEs: 1EXPL: 4

CVE-2011-4153 – PHP 5.3.8 - Multiple Vulnerabilities

https://notcve.org/view.php?id=CVE-2011-4153

PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that performs strndup operations on untrusted string data, as demonstrated by the define function in zend_builtin_functions.c, and unspecified functions in ext/soap/php_sdl.c, ext/standard/syslog.c, ext/standard/browscap.c, ext/oci8/oci8.c, ext/com_dotnet/com_typeinfo.c, and main/php_open_temporary_file.c. PHP v5.3.8 no siempre comprueba el valor devuelto de la función zend_strndup, lo que podría permitir a atacantes remotos provocar una denegación de servicio (borrado de referencia a puntero nulo y caída de la aplicación) a través de una entrada especificamente diseñada para este fin a una aplicación que realiza operaciones de 'strndup' (duplicación) de cadenas de datos no confiables. Esto se puede demostrar con la función 'define' en zend_builtin_functions.c, y funciones no especificadas en ext/soap/php_sdl.c, ext/standard/syslog.c, ext/standard/browscap.c, ext/oci8/oci8.c, ext/com_dotnet/com_typeinfo.c y main/php_open_temporary_file.c. PHP version 5.3.8 suffers from multiple NULL pointer dereference vulnerabilities. • https://www.exploit-db.com/exploits/18370 http://archives.neohapsis.com/archives/bugtraq/2012-01/0092.html http://cxsecurity.com/research/103 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html http://marc.info/?l=bugtraq&m=134012830914727&w=2&# • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •