[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26369 Download | Alert*

Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or (2) y dimension, a different vulnerability than CVE-2013-7226.

The gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check return values, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via invalid imagecrop arguments that lead to use of a NULL pointer as a return value, a different vulnerability than CVE-2013-7226.

Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an imagecrop function call with a large x dimension value, leading to a heap-based buffer overflow.

The default soap.wsdl_cache_dir setting in (1) php.ini-production and (2) php.ini-development in PHP through 5.6.7 specifies the /tmp directory, which makes it easier for local users to conduct WSDL injection attacks by creating a file under /tmp with a predictable filename that is used by the get_sdl function in ext/soap/php_sdl.c.

The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector. Successful exploitation allows remote attackers to cause a denial of service (infinite loop).

The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_wtp_common function in epan/dissectors/packet-wtp.c in the WTP dissector. Successful exploitation allows remote attackers to cause a denial of service (integer overflow and infinite loop).

The host is installed with Wireshark 1.6.x before 1.6.12 or 1.8.x before 1.8.4 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector. Successful exploitation allows remote attackers to cause a denial of service (infinite loop).

The host is installed with Wireshark 1.8.x before 1.8.4 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector. Successful exploitation allows remote attackers to cause a denial of service (infinite loop).

The host is installed with Apache HTTP Server 2.2.x through 2.2.21 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly restrict header information during construction of Bad Request (aka 400) error documents. Successful exploitation could allow remote attackers to obtain the values of HTTPOnly cookies.

The host is installed with Apache HTTP Server 2.4.6 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle enablement of caching forward proxy. Successful exploitation could allow remote HTTP servers to cause denial of service (NULL pointer dereference and daemon crash).


Pages:      Start    1289    1290    1291    1292    1293    1294    1295    1296    1297    1298    1299    1300    1301    1302    ..   2636

© SecPod Technologies