Computer Security

Search:Software:PHP 4.3
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



See also
  ENOMPHP : enomphp 4.0
  PHOTOPOST : PhotoPost PHP 4.6
  PHP : PHP 4.4
  APACHE : mod_php 4.3
  APACHE : mod_php 4.2
  PHP : PHP 4.1
  PHP : PHP 4.2
  PHP : PHP 4.0
Name:PHP : PHP 4.3

6!PHP 4 multiple function buffer overflows
document Buffer overflows in mb_* functions.
6!Multiple PHP bugs
updated since 27.02.2002
document Buffer overflows, integer overflows, DoS conditions, crossite scripting.
6!PHP integer overflow
document unserialize() function integer overflow.
6!PHP ip2long protection bypass
document Function can return positive result on malformed argument, it can be used to bypass argument validation.
 Windows PHP buffer overflow
document mysql_connect() buffer overflow.
6!PCRE regular expressions library integer overflow
updated since 22.08.2005
document pcre_compile.c {} regexp parameter integer overflow.
6!PHP calendar functions buffer overflow
document Buffer overflow in calendar functions, e.g. JDToGregorian() on large integer.
 PHP multiple vulnerabilities
updated since 13.04.2005
document Integer overflows on EXIF tags parsing.
 PHP getimagesize DoS
document Infinite loops with 100% CPU utilization.
 PHP readfile() DoS
document Denial of service during large file access.
7!Multiple PHP bugs
updated since 16.12.2004
document Integer overflow leading to memory content leak, safe mode protection bypass, openlog() buffer overflow, etc.
 PHP+cURL local file access protection bypass
document It's possible to address any local file by file:// URL.
6!PHP memory corruption
document Invalid exceptional conditions handling allows memory corruption leading to code execution.
 PHP strip_tags protection bypass
document Insertion null character into tag allow protection bypass for few browsers.
6!PHP for Windows shell characters filtration protection bypass
document escapeshellcmd()/escapeshellarg() do not work under Windows.
 php.ini PHP protection bypass
document It's possible tyo bypass protection (register_globals = on for example) of virtual host by requestin host without protection in same HTTP keep-alive connection before.
 Multiple PHP problems
updated since 26.03.2003
document Local integer overflow in socket_iovec_alloc() may be exploited if PHP is compiled with --enable-sockets option. Memory allocation troubles. Buffer overflow in openlog().
7!PHP CGI unauthorized access
document --enable-force-cgi-redirect option doesn't work. It allows remote file access and custom PHP code execution.
                    
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod
 


Rating@Mail.ru