Page 68 of 609 results (0.020 seconds)

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function; or (2) trigger a heap-based buffer overflow via a modified length value, which is not properly handled by the php_mysqlnd_rset_header_read function. mysqlnd_wireprotocol.c en la extensión Mysqlnd en PHP v5.3 hasta v5.3.2 permite a atacantes remotos (1)leer memoria sensible a através de un valor de longitud manipulado, no siendo manejado adecuadamente por la función php_mysqlnd_ok_read; o (2) desencadenando un desbordamiento de búfer basado en memoria dinámica a través de un valor de longitud modificado, no siendo manejado adecuadamente por la función php_mysqlnd_rset_header_read. • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://php-security.org/2010/05/31/mops-2010-056-php-php_mysqlnd_ok_read-information-leak-vulnerability/index.html http://php-security.org/2010/05/31/mops-2010-057-php-php_mysqlnd_rset_header_read-buffer-overflow-vulnerability/index.html http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3/NEWS?r1=298701&r2=298703&pathrev=298703 http:/&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 13EXPL: 0

The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler. La función strrchr en PHP v5.2 anterior a v5.2.14 permite dependiendo del contexto a atacantes obtener información sensible (contenido de la memoria) o desencadenar un consumo de memoria provocando una interrepcuón del espacio de usuario de un controlador o una función interna. • http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://marc.info/?l=bugtraq&m=133469208622507&w=2 http://support.apple.com/kb/HT4312 http://support.apple.com/kb/HT4435 http://www.php.net/releases/5_2_14.php https://bugzilla.redhat.com/show_bug.cgi?id=619324 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 1%CPEs: 4EXPL: 0

The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if display_errors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution time, or recursion. La función var_export en PHP v5.2 anterior a v5.2.14 y v5.3 anterior a v5.3.3 vacía el búfer de salida para el usuario cuando se producen ciertos errores graves, incluso cuando display_errors está apagado, lo que permite a atacantes remotos obtener información sensible provocando que la aplicación exceda los límites de memoria, tiempo de ejecución, o recursividad. • http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://marc.info/?l=bugtraq&m=130331363227777&w=2 http://marc.info/?l=bugtraq&m=133469208622507&w=2 http://secunia.com/advisories/42410 http://support.apple.com/kb/HT4312 http:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 3%CPEs: 17EXPL: 1

Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function. Vulnerabilidad de uso después de la liberación (Use-after-free) en deserializador SplObjectStorage en PHP v5.2.x y v5.3.x hasta v5.3.2 permite a atacantes remotos ejecutar código de su elección u obtener información sensible a través de datos serializados, relacionados con la función de PHP unserialize. • http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://marc.info/?l=bugtraq&m=133469208622507&w=2 http://pastebin.com/mXGidCsd http://secunia.com/advisories/40860 http://support.apple.com/kb/HT4312 http://twitter.com/i0n1c/statuses/16373156076 http://twitter.com/i0n1c/statuses/16447867829 http://www.debian& • CWE-399: Resource Management Errors •

CVSS: 6.4EPSS: 0%CPEs: 17EXPL: 7

The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler. NOTE: vectors 2 through 4 are related to the call time pass by reference feature. Las funciones (1) parse_str, (2) preg_match (3), unpack, y (4) pack; los opcodes (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, y (7) ZEND_ASSIGN_CONCAT, y el metodo (8) ArrayObject::uasort de PHP v5.2 a v5.2.13 y v5.3 a v5.3.2 permiten obtener a atacantes información sensible variable en función del contexto (el contenido de la memoria) u ocasionar una corrupción de memoria al causar una interrupción del espacio de usuario de un controlador o una función interna. NOTA: los vectores del 2 al 4 están relacionados con el paso del tiempo de llamada por referencia. • http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html http://marc.info/?l=bugtraq&m=133469208622507&w=2 http://www.php-security.org/2010/05/31/mops-2010-049-php-parse_str-interruption-memory-corruption-vulnerability/index.html http://www.php-security.org/2010/05/31/mops-2010-050-php-preg_match-interruption-information-leak-vulnerability/index.html http://www.php-security.org/2010/05/31/mops-2010& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •