[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26884 Download | Alert*

The host is installed with PHP before 5.3.14 or 5.4.x before 5.4.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted parameter value. Successful exploitation allows remote attackers to cause a denial of service (out-of-bounds read and application crash).

The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector. Successful exploitation allows remote attackers to cause a denial of service (loop or application crash).

The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector. Successful exploitation allows remote attackers to cause a denial of service (application crash).

Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys within the serialized properties of an object, a different vulnerability than CVE-2004-1019.

gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function.

The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a "type confusion" vulner ...

Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.

Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.

The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by t ...

The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by t ...


Pages:      Start    1274    1275    1276    1277    1278    1279    1280    1281    1282    1283    1284    1285    1286    1287    ..   2688

© SecPod Technologies