Mandriva Linux Security Advisory 2010-008 - The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable. The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.
c5438a6562ebbc112246d9acf0442254a06cf7b21ae5ccf722fd2dc399400237Mandriva Linux Security Advisory 2010-007 - The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465. The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable. The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character. The updated packages have been patched to correct these issues.
a5e30a5cb2e7c44e5f7ca9485bed9a3fcf2dedcd62d54e21bee5b2d8140cdbabUbuntu Security Notice 882-1 - Maksymilian Arciemowicz discovered that PHP did not properly handle the ini_restore function. An attacker could exploit this issue to obtain random memory contents or to cause the PHP server to crash, resulting in a denial of service. It was discovered that the htmlspecialchars function did not properly handle certain character sequences, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. Stefan Esser discovered that PHP did not properly handle session data. An attacker could exploit this issue to bypass safe_mode or open_basedir restrictions.
cd84529d17d2626ad3cfc09945cde3a151f1ded241b92b2d05de3bbf06264243Gentoo Linux Security Advisory 201001-3 - Multiple vulnerabilities were found in PHP, the worst of which leading to the remote execution of arbitrary code. Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below and the associated PHP release notes for details. Versions less than 5.2.12 are affected.
aff1f9bdb3800d54675a65671b47a6ba413ece16b6ab47e89279c16cfaa490a7PHP suffers from an ini_restore() related memory information disclosure vulnerability.
2cb1b058ea1c9470f0fb1332b5e80ee970764c67f4f3fd6b726311532d1ceb21Debian Linux Security Advisory 1940-1 - Several remote vulnerabilities have been discovered in the PHP 5 hypertext preprocessor.
a5539a28cde8a1bb5d0403cbd15a3328e03796380d5dd7bb69921367844f4dac
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed