Page 71 of 410 results (0.047 seconds)

CVSS: 4.3EPSS: 0%CPEs: 13EXPL: 0

CVE-2007-0988

https://notcve.org/view.php?id=CVE-2007-0988

The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a negative value, as demonstrated by an "a:2147483649:{" argument. La función zend_hash_init en PHP versión 5 anterior a 5.2.1 y PHP versión 4 anterior a 4.4.5, cuando se ejecuta en una plataforma de 64 bits, permite a los atacantes dependiendo del contexto causar una denegación de servicio (bucle infinito) al deserializar ciertas expresiones de enteros, que solo causa que argumentos de 32 bits sean usados después de la comprobación de un valor negativo, como es demostrado por un argumento "a:2147483649:{". • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228858 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01056506 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01086137 http://osvdb.org/32762 http://rhn.redhat.com/errata/RHSA-2007-0089.html http://secunia.com/advisories/24195 http://secunia.com/advisories/24217 http://secunia.c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 3%CPEs: 77EXPL: 0

CVE-2007-0905

https://notcve.org/view.php?id=CVE-2007-0905

PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383. PHP anterior a 5.2.1 permite a atacantes remotos evitar las restricciones safe_mode y open_basedir mediante vectores no especificados en la extensión de sesión. NOTAL: es posible que este asunto sea un duplicado de CVE-2006-6383. • http://osvdb.org/32768 http://secunia.com/advisories/24089 http://secunia.com/advisories/24419 http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html http://www.php.net/ChangeLog-5.php#5.2.1 http://www.php.net/releases/5_2_1.php http://www.securityfocus.com/bid/22496 http://www.trustix.org/errata/2007/0009 http://www.vupen.com/english/advisories/2007/0546 •

CVSS: 10.0EPSS: 4%CPEs: 77EXPL: 0

CVE-2007-0910

https://notcve.org/view.php?id=CVE-2007-0910

Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors. La vulnerabilidad no especificada en PHP versión anterior a 5.2.1 permite a los atacantes "golpear" (clobber) ciertas variables super-globales por medio de vectores no especificados • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html http://osvdb.org/32763 http://rhn.redhat.com/errata/RHSA-2007-0089.html http://secunia.com/advisories/24089 http://secunia.com/advisories/24195 http://secunia.com/advisories/24217 http://secunia.com/advisories/24236 http://secunia.com/advisories/24248 http://secunia.com/advisories/24284 http://secunia.com/advisories/24295 http •

CVSS: 7.5EPSS: 1%CPEs: 77EXPL: 0

CVE-2007-0906

https://notcve.org/view.php?id=CVE-2007-0906

Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose function (CVE-2007-1825). Los múltiples desbordamientos de búfer en PHP versión anterior a 5.2.1 permiten a los atacantes causar una denegación de servicio y posiblemente ejecutar código arbitrario por medio de vectores no específicos en las extensiones (1) session, (2) zip, (3) imap y (4) sqlite; (5) filtros de flujo; y las funciones (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user y (10) ibase_modify_user. NOTA: el vector 6 podría ser en realidad un desbordamiento de entero (CVE-2007-1885). • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html http://osvdb.org/34706 http://osvdb.org/34707 http://osvdb.org/34708 http://osvdb.org/34709 http://osvdb.org/34710 http://osvdb.org/34711 http://osvdb.org/34712 http://osvdb.org/34713 http://osvdb.org/34714 http://osvdb.org/34715 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 2%CPEs: 13EXPL: 1

CVE-2007-0908 – PHP < 4.4.5/5.2.1 - WDDX Session Deserialization Information Leak

https://notcve.org/view.php?id=CVE-2007-0908

The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name before a numerical variable. El deserializador WDDX en la extensión wddx en PHP versión 5 anterior a 5.2.1 y PHP versión 4 anterior a 4.4.5, no inicializa apropiadamente la variable key_length para una clave numérica, lo que permite a los atacantes dependiendo del contexto leer la memoria de pila por medio de un elemento wddxPacket que contiene un variable con un nombre de cadena anterior a una variable numérica. • https://www.exploit-db.com/exploits/3414 ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html http://osvdb.org/32766 http://rhn.redhat.com/errata/RHSA-2007-0089.html http://secunia.com/advisories/24089 http://secunia.com/advisories/24195 http://secunia.com/advisories/24217 http://secunia.com/advisories/24236 http://secunia.com/advisories/24248 http://secunia.com/advisories/2428 • CWE-20: Improper Input Validation •