exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2007-1380

Status Candidate

Overview

The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buffer over-read.

Related Files

HP Security Bulletin 2007-14.29
Posted Jun 29, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential vulnerabilities have been reported on the PHP Hypertext Processing Engine provided with the Secure Web Server for HP Tru64 UNIX Powered by Apache (SWS) and HP Internet Express for Tru64 UNIX (IX). The vulnerabilities could be exploited by remote users to execute arbitrary code, read arbitrary files, or cause a Denial of Service (DoS).

tags | advisory, remote, web, denial of service, arbitrary, php, vulnerability
systems | unix
advisories | CVE-2006-4625, CVE-2007-0988, CVE-2007-1286, CVE-2007-1380, CVE-2007-1700, CVE-2007-1701, CVE-2007-1710, CVE-2007-1835, CVE-2007-1884, CVE-2007-1885, CVE-2007-1886
SHA-256 | 6861c14a60cdcb3be9fbb86db51d051e29d27ca23a675ae1dc2fed91cb81e34d
OpenPKG Security Advisory 2007.19
Posted May 31, 2007
Authored by OpenPKG Foundation | Site openpkg.com

OpenPKG Security Advisory - Multiple vulnerabilities in PHP versions 5.2.2 and below have been addressed.

tags | advisory, php, vulnerability
advisories | CVE-2007-1380, CVE-2007-1375, CVE-2007-1376, CVE-2007-1521, CVE-2007-1484, CVE-2007-1583, CVE-2007-1700, CVE-2007-1718, CVE-2007-1461, CVE-2007-1887, CVE-2007-1888, CVE-2007-1717, CVE-2007-1835, CVE-2007-1890, CVE-2007-1824
SHA-256 | de25ea5eaff6e286c1e16000b5dfce7c3dedab43e0b8b25a85fcd5852260b7f1
Debian Linux Security Advisory 1283-1
Posted May 3, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1283-1 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code.

tags | advisory, remote, arbitrary, php, vulnerability
systems | linux, debian
advisories | CVE-2007-1286, CVE-2007-1375, CVE-2007-1376, CVE-2007-1380, CVE-2007-1453, CVE-2007-1454, CVE-2007-1521, CVE-2007-1583, CVE-2007-1700, CVE-2007-1711, CVE-2007-1718, CVE-2007-1777, CVE-2007-1824, CVE-2007-1887, CVE-2007-1889, CVE-2007-1900
SHA-256 | c54d56268b90168aacfce8d14ed3df2d22e9234134cbe834f81eef7a9f542934
Ubuntu Security Notice 455-1
Posted May 3, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 455-1 - A slew of vulnerabilities for PHP5 have been patched.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-1375, CVE-2007-1376, CVE-2007-1380, CVE-2007-1484, CVE-2007-1521, CVE-2007-1583, CVE-2007-1700, CVE-2007-1718, CVE-2007-1824, CVE-2007-1887, CVE-2007-1888, CVE-2007-1900
SHA-256 | 9221520c5009cf2bb524114fcbffb5b8b2f37131a7f6950913a67f0b3757c552
Debian Linux Security Advisory 1282-1
Posted May 3, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1282-1 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code.

tags | advisory, remote, arbitrary, php, vulnerability
systems | linux, debian
advisories | CVE-2007-1286, CVE-2007-1380, CVE-2007-1521, CVE-2007-1711, CVE-2007-1718, CVE-2007-1777
SHA-256 | 7ec224cc79934c8400f1eb14d8eb03497068b510b20f6a1dd71053bcb0573561
Gentoo Linux Security Advisory 200703-21
Posted Mar 21, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-21 - Several vulnerabilities were found in PHP by the Hardened-PHP Project and other researchers. These vulnerabilities include a heap-based buffer overflow in htmlentities() and htmlspecialchars() if called with UTF-8 parameters, and an off-by-one error in str_ireplace(). Other vulnerabilities were also found in the PHP4 branch, including possible overflows, stack corruptions and a format string vulnerability in the *print() functions on 64 bit systems. Versions less than 5.2.1-r3 are affected.

tags | advisory, overflow, php, vulnerability
systems | linux, gentoo
advisories | CVE-2006-5465, CVE-2007-0906, CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0911, CVE-2007-0988, CVE-2007-1286, CVE-2007-1375, CVE-2007-1376, CVE-2007-1380, CVE-2007-1383
SHA-256 | 2a68bf4d09b8bcea9389593696b002f77d4faf366a29f85257aee2053ef4e678
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close