Page 57 of 300 results (0.010 seconds)

CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 1

The html_entity_decode function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal call, related to the call time pass by reference feature. La función html_entity_decode en PHP v5.2 hasta v5.2.13 y v5.3 hasta v5.3.2 permite a atacantes dependiendo del contexto obtener información sensible (contenido de memoria) o provocar una corrupción de memoria en una llamada interna, relativo a la característica de paso del tiempo de llamada por referencia. • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://marc.info/?l=bugtraq&m=133469208622507&w=2 http://php-security.org/2010/05/06/mops-2010-010-php-html_entity_decode-interruption-information-leak-vulnerability/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 1

The addcslashes function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) by causing a userspace interruption of an internal function, related to the call time pass by reference feature. La función addcslashes en PHP v5.2 hasta v5.2.13 y v5.3 hasta v5.3.2 permite a atacantes dependiendo del contexto obtener información sensible (contenido de memoria) provocando una interrupción de espacio de usuario en una función interna, relativo a la característica paso de tiempo de llamada por referencia. • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://marc.info/?l=bugtraq&m=133469208622507&w=2 http://php-security.org/2010/05/03/mops-2010-006-php-addcslashes-interruption-information-leak-vulnerability/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.4EPSS: 0%CPEs: 16EXPL: 1

The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to write to arbitrary memory addresses by using an object's __sleep function to interrupt an internal call to the shm_put_var function, which triggers access of a freed resource. La extensión sysvshm para PHP v5.2 hasta v5.2.13 y v5.3 hasta v5.3.2 permite a atacantes dependiendo del contexto escribir sobre direcciones de memoria de su elección utilizando un objeto función _sleep para interrumpir una llamada interna sobre la función shm_put_var, lo que provoca accesos a recursos liberados. • http://php-security.org/2010/05/05/mops-2010-009-php-shm_put_var-already-freed-resource-access-vulnerability/index.html • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 2%CPEs: 35EXPL: 2

session.c in the session extension in PHP before 5.2.13, and 5.3.1, does not properly interpret ; (semicolon) characters in the argument to the session_save_path function, which allows context-dependent attackers to bypass open_basedir and safe_mode restrictions via an argument that contains multiple ; characters in conjunction with a .. (dot dot). session.c en la extesión session en PHP anteriores a v5.2.13, y v5.3.1, no interpreta de forma adecuada los carácteres ";" en el argumento sobre la función session_save_path, lo que permites a atacantes dependiendo del contexto saltar las restricciones open_basedir y safe_mode a través de un argumento que contiene varios caracteres ";" junto a ".." punto punto. • https://www.exploit-db.com/exploits/33625 http://secunia.com/advisories/38708 http://securityreason.com/achievement_securityalert/82 http://securityreason.com/securityalert/7008 http://securitytracker.com/id?1023661 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/session/session.c?r1=293036&r2=294272 http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/session/session.c?view=log http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/ext/session/s • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.4EPSS: 0%CPEs: 13EXPL: 2

The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpredictable, as demonstrated by session cookies generated by using the uniqid function. El Linear Congruential Generator (LCG) en PHP anteriores a v5.2.13 no provee la entropía esperada, lo que hace más fácil para atacantes dependiendo del contexto adivinar valores que deberían ser impredecibles, como se demostró con cookies de sesión generadas utilizando la función uniqid. • https://www.exploit-db.com/exploits/33677 http://secunia.com/advisories/38708 http://secunia.com/advisories/42410 http://www.php.net/ChangeLog-5.php http://www.php.net/releases/5_2_13.php http://www.redhat.com/support/errata/RHSA-2010-0919.html http://www.securityfocus.com/bid/38430 http://www.vupen.com/english/advisories/2010/0479 http://www.vupen.com/english/advisories/2010/3081 https://access.redhat.com/security/cve/CVE-2010-1128 https://bugzilla.redhat& • CWE-310: Cryptographic Issues •