Page 85 of 609 results (0.031 seconds)

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1

The chunk_split function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer overflow. NOTE: this is due to an incomplete fix for CVE-2007-2872. La función chunk_split en string.c en PHP 5.2.3 no calcula adecuadamente el tamaño de búfer necesario debido a la pérdida de precisión cuando se realizan operaciones de entero con números con punto flotante, lo cual tiene vectores de ataque e impacto desconocido, posiblemente como resultado de un desbordamiento de búfer basado en pila. NOTA: esto puede ser debido a un parche incompleto para CVE-2007-2872. • http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.58&r2=1.445.2.14.2.59 http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html http://secunia.com/advisories/26642 http://secunia.com/advisories/26838 http://secunia.com/advisories/27102 http://secunia.com/advisories/27864 http://secunia.com/advisories/28658 http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml http://www.php.net/ChangeLog-5.php#5.2.4 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an out-of-bounds read. NOTE: this affects different product versions than CVE-2007-3996. Múltiples desbordamientos de entero en PHP 4 anterior a 4.4.8, y PHP 5 anterior a 5.2.4, permite a atacantes remotos obtener información sensible (contenido de memoria) o provocar denegación de servicio (caida de hilo) a través de un valor de len grande en la función (1) strspn o (2) strcspn, lo cual dispara un lectura fuera de límite. NOTA: estos afecta a diferentes versiones de producto que al CVE-2007-3996. • http://secunia.com/advisories/26642 http://secunia.com/advisories/26822 http://secunia.com/advisories/26838 http://secunia.com/advisories/27102 http://secunia.com/advisories/27377 http://secunia.com/advisories/27864 http://secunia.com/advisories/28249 http://secunia.com/advisories/28318 http://secunia.com/advisories/28936 http://secunia.com/advisories/30288 http://secweb.se/en/advisories/php-strcspn-information-leak-vulnerability http://slackware.com/security/viewer.php?l=slackware& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2.4 has unknown impact and attack vectors. Desbordamiento de búfer en la función php_openssl_make_REQ de PHP versiones anteriores a 5.2.4 tiene impacto desconocido y vectores de ataque. • http://secunia.com/advisories/26642 http://secunia.com/advisories/26822 http://secunia.com/advisories/26838 http://secunia.com/advisories/27102 http://secunia.com/advisories/27377 http://secunia.com/advisories/27864 http://secunia.com/advisories/28249 http://www.debian.org/security/2008/dsa-1444 http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml http://www.php.net/ChangeLog-5.php#5.2.4 http://www.php.net/releases/5_2_4.php http://www.trustix. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0

The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors. La función zend_alter_ini_entry de PHP versiones anteriores a 5.2.4 no gestiona apropiadamente una interrupción al flujo de ejecución disparado por una violación memory_limit, que tiene un impacto desconocido y vectores de ataque. • http://secunia.com/advisories/26642 http://secunia.com/advisories/26822 http://secunia.com/advisories/26838 http://secunia.com/advisories/27102 http://secunia.com/advisories/27377 http://secunia.com/advisories/28249 http://www.debian.org/security/2008/dsa-1444 http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml http://www.php.net/ChangeLog-5.php#5.2.4 http://www.php.net/releases/5_2_4.php http://www.trustix.org/errata/2007/0026 http://www •

CVSS: 7.5EPSS: 4%CPEs: 69EXPL: 0

The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability. La función money_format en PHP versiones 5 anteriores a 5.2.4, y PHP versiones 4 anteriores a 4.4.8, permite múltiples tokens (1) %i y (2) %n, que tienen un impacto desconocido y vectores de ataque, posiblemente relacionados con una vulnerabilidad de cadena de formato. • http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html http://rhn.redhat.com/errata/RHSA-2007-0889.html http://secunia.com/advisories/26642 http://secunia.com/advisories/26822 http://secunia.com/advisories/26838 http://secunia.com/advisories/26871 http://secunia.com/advisories/26895 http://secunia.com/advisories/26930 http://secunia.com/advisories/26967 http://secunia.com/advisories/27102 http://secunia.com/advisories/27377 http://secunia.com/advisories/2 •