CVSS: 6.4EPSS: 88%CPEs: 10EXPL: 1CVE-2011-4566 – php: integer overflow in exif_process_IFD_TAG() may lead to DoS or arbitrary memory disclosure
https://notcve.org/view.php?id=CVE-2011-4566
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708. Un desbordamiento de entero en la función exif_process_IFD_TAG en el fichero exif.c de la extensión exif de PHP v5.4.0 beta2 en las plataformas de 32 bits permite a atacantes remotos leer los contenidos de ubicaciones de memoria aleatorias o causar una denegación de servicio a través de un valor de offset_val concreto en una cabecera EXIF en un archivo JPEG. Se trata de una vulnerabilidad diferente a CVE-2.011-0708. • http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html http://rhn.redhat.com/errata/RHSA-2012-0071.html http://secunia.com/advisories/47253 http://secunia.com/advisories/48668 http://support.apple.com/kb/HT5281 http://www.debian.org/security/2012/dsa-2399 http://www.mandriva.com/security/advisories?name=MDVSA-2011:197 http://www.redhat.com/support/errata/RHSA-2012-0019.html http:/& • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 5%CPEs: 4EXPL: 5CVE-2011-3336 – Libc - 'regcomp()' Stack Exhaustion Denial of Service
https://notcve.org/view.php?id=CVE-2011-3336
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion. regcomp en la implementación BSD de libc, es vulnerable a una denegación de servicio debido al agotamiento de la pila. Mac OS X, Safari, Firefox and Kaspersky all suffer from a regular expression denial of service condition that was discovered long ago in regcomp(). • https://www.exploit-db.com/exploits/36288 http://seclists.org/fulldisclosure/2014/Mar/166 http://www.securityfocus.com/bid/50541 https://cxsecurity.com/issue/WLB-2011110082 https://www.securityfocus.com/archive/1/520390 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 1%CPEs: 105EXPL: 0CVE-2011-3268
https://notcve.org/view.php?id=CVE-2011-3268
Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483. Desbordamiento de búfer en la función de cifrado en PHP antes de v5.3.7, permite a atacantes dependientes de contexto tener un impacto no especificado a través de un argumento "long salt", una vulnerabilidad diferente a CVE-2011-2483. • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://osvdb.org/74738 http://support.apple.com/kb/HT5130 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/standard/php_crypt_r.c?r1=311300&r2=311390&pathrev=315218 http://www.mandriva.com/security/advisories?name=MDVSA-2011:165 http://www.php.net/ChangeLog-5.php#5.3.7 http://www.php.net/archive/2011.php#id2011-08-18-1 http://www.securityfocus.com/bid/49241 https://exch • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 1%CPEs: 105EXPL: 0CVE-2011-3267
https://notcve.org/view.php?id=CVE-2011-3267
PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors. PHP antes de v5.3.7 no aplica correctamente la función error_log, lo que permite a atacantes dependientes del contexto provocar una denegación de servicio (caída de aplicación) a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://osvdb.org/74739 http://support.apple.com/kb/HT5130 http://www.mandriva.com/security/advisories?name=MDVSA-2011:165 http://www.php.net/ChangeLog-5.php#5.3.7 http://www.php.net/archive/2011.php#id2011-08-18-1 http://www.securityfocus.com/bid/49241 https://exchange.xforce.ibmcloud.com/vulnerabilities/69428 • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 1%CPEs: 105EXPL: 5CVE-2011-3182 – PHP < 5.3.7 - Multiple Null Pointer Dereference Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-3182
PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10) TSRM/tsrm_win32.c, and (11) the strtotime function. PHP anterior a 5.3.7 no comprueba correctamente valores de retorno en las funciones malloc, calloc, y realloc, lo que permite a atacantes dependientes del contexto provocar una denegación de servicio (desreferenciar un puntero NULL y caída de la aplicación) o provocar un desbordamiento de búfer elevando la abilidad de proporcionar un valor de su elección para un argumento de una función, relacionado con (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10) TSRM/tsrm_win32.c, y (11) la función strtotime. • https://www.exploit-db.com/exploits/36070 http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://marc.info/?l=full-disclosure&m=131373057621672&w=2 http://securityreason.com/achievement_securityalert/101 http://support.apple.com/kb/HT5130 http://www.mandriva.com/security/advisories?name=MDVSA-2011:165 http://www.openwall.com/lists/oss-security/2011/08/22/9 http://www.securityfocus.com/bid/49249 https://exchange.xforce.ibmcloud.com/vulnerabilities/69430 •