Page 54 of 298 results (0.042 seconds)

CVSS: 5.0EPSS: 0%CPEs: 17EXPL: 1

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PS_UNDEF_MARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name. El serializador de sesión por defecto en PHP v5.2 hasta v5.2.13 y v5.3 hasta v5.3.2 no maneja adecuadamente PS_UNDEF_MARKER marker, lo que permite dependiendo del contexto a atacantes modificar variables de sesión de su elección a través de un nombre de variable de sesión manipulado. • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://php-security.org/2010/05/31/mops-2010-060-php-session-serializer-session-data-injection-vulnerability/index.html http://secunia.com/advisories/42410 http://www.debian.org/security/2010/dsa-2089 http://www.redhat.com/support/errata/RHSA-2010-0919.html http://www.vupen.com/english/advisories/2010/3081 https://access.redhat.com/security • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 0%CPEs: 13EXPL: 0

The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler. La función strrchr en PHP v5.2 anterior a v5.2.14 permite dependiendo del contexto a atacantes obtener información sensible (contenido de la memoria) o desencadenar un consumo de memoria provocando una interrepcuón del espacio de usuario de un controlador o una función interna. • http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://marc.info/?l=bugtraq&m=133469208622507&w=2 http://support.apple.com/kb/HT4312 http://support.apple.com/kb/HT4435 http://www.php.net/releases/5_2_14.php https://bugzilla.redhat.com/show_bug.cgi?id=619324 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 1%CPEs: 4EXPL: 0

The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if display_errors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution time, or recursion. La función var_export en PHP v5.2 anterior a v5.2.14 y v5.3 anterior a v5.3.3 vacía el búfer de salida para el usuario cuando se producen ciertos errores graves, incluso cuando display_errors está apagado, lo que permite a atacantes remotos obtener información sensible provocando que la aplicación exceda los límites de memoria, tiempo de ejecución, o recursividad. • http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://marc.info/?l=bugtraq&m=130331363227777&w=2 http://marc.info/?l=bugtraq&m=133469208622507&w=2 http://secunia.com/advisories/42410 http://support.apple.com/kb/HT4312 http:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 3%CPEs: 17EXPL: 1

Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function. Vulnerabilidad de uso después de la liberación (Use-after-free) en deserializador SplObjectStorage en PHP v5.2.x y v5.3.x hasta v5.3.2 permite a atacantes remotos ejecutar código de su elección u obtener información sensible a través de datos serializados, relacionados con la función de PHP unserialize. • http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://marc.info/?l=bugtraq&m=133469208622507&w=2 http://pastebin.com/mXGidCsd http://secunia.com/advisories/40860 http://support.apple.com/kb/HT4312 http://twitter.com/i0n1c/statuses/16373156076 http://twitter.com/i0n1c/statuses/16447867829 http://www.debian& • CWE-399: Resource Management Errors •

CVSS: 6.4EPSS: 0%CPEs: 17EXPL: 7

The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler. NOTE: vectors 2 through 4 are related to the call time pass by reference feature. Las funciones (1) parse_str, (2) preg_match (3), unpack, y (4) pack; los opcodes (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, y (7) ZEND_ASSIGN_CONCAT, y el metodo (8) ArrayObject::uasort de PHP v5.2 a v5.2.13 y v5.3 a v5.3.2 permiten obtener a atacantes información sensible variable en función del contexto (el contenido de la memoria) u ocasionar una corrupción de memoria al causar una interrupción del espacio de usuario de un controlador o una función interna. NOTA: los vectores del 2 al 4 están relacionados con el paso del tiempo de llamada por referencia. • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://marc.info/?l=bugtraq&m=133469208622507&w=2 http://www.php-security.org/2010/05/31/mops-2010-049-php-parse_str-interruption-memory-corruption-vulnerability/index.html http://www.php-security.org/2010/05/31/mops-2010-050-php-preg_match-interruption-information-leak-vulnerability/index.html http://www.php-security.org/2010/05/31/mops-2010& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •