[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26316 Download | Alert*

The host is installed with PHP before 5.3.14 or 5.4.x before 5.4.4 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted parameter value. Successful exploitation allows remote attackers to cause a denial of service (out-of-bounds read and application crash).

The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to integer overflow vulnerability. A flaw is present in the application, which fails to handle the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector. Successful exploitation allows remote attackers to cause a denial of service (loop or application crash).

The host is installed with Wireshark 1.4.x before 1.4.15 or 1.6.x before 1.6.10 or 1.8.x before 1.8.2 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle the dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector. Successful exploitation allows remote attackers to cause a denial of service (application crash).

Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys within the serialized properties of an object, a different vulnerability than CVE-2004-1019.

gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function.

The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a "type confusion" vulner ...

Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.

Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.

The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by t ...

The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by t ...


Pages:      Start    1244    1245    1246    1247    1248    1249    1250    1251    1252    1253    1254    1255    1256    1257    ..   2631

© SecPod Technologies