exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2007-1380

Status Candidate

Overview

The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, which triggers a buffer over-read.

Related Files

HP Security Bulletin 2007-14.29
Posted Jun 29, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential vulnerabilities have been reported on the PHP Hypertext Processing Engine provided with the Secure Web Server for HP Tru64 UNIX Powered by Apache (SWS) and HP Internet Express for Tru64 UNIX (IX). The vulnerabilities could be exploited by remote users to execute arbitrary code, read arbitrary files, or cause a Denial of Service (DoS).

tags | advisory, remote, web, denial of service, arbitrary, php, vulnerability
systems | unix
advisories | CVE-2006-4625, CVE-2007-0988, CVE-2007-1286, CVE-2007-1380, CVE-2007-1700, CVE-2007-1701, CVE-2007-1710, CVE-2007-1835, CVE-2007-1884, CVE-2007-1885, CVE-2007-1886
SHA-256 | 6861c14a60cdcb3be9fbb86db51d051e29d27ca23a675ae1dc2fed91cb81e34d
OpenPKG Security Advisory 2007.19
Posted May 31, 2007
Authored by OpenPKG Foundation | Site openpkg.com

OpenPKG Security Advisory - Multiple vulnerabilities in PHP versions 5.2.2 and below have been addressed.

tags | advisory, php, vulnerability
advisories | CVE-2007-1380, CVE-2007-1375, CVE-2007-1376, CVE-2007-1521, CVE-2007-1484, CVE-2007-1583, CVE-2007-1700, CVE-2007-1718, CVE-2007-1461, CVE-2007-1887, CVE-2007-1888, CVE-2007-1717, CVE-2007-1835, CVE-2007-1890, CVE-2007-1824
SHA-256 | de25ea5eaff6e286c1e16000b5dfce7c3dedab43e0b8b25a85fcd5852260b7f1
Debian Linux Security Advisory 1283-1
Posted May 3, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1283-1 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code.

tags | advisory, remote, arbitrary, php, vulnerability
systems | linux, debian
advisories | CVE-2007-1286, CVE-2007-1375, CVE-2007-1376, CVE-2007-1380, CVE-2007-1453, CVE-2007-1454, CVE-2007-1521, CVE-2007-1583, CVE-2007-1700, CVE-2007-1711, CVE-2007-1718, CVE-2007-1777, CVE-2007-1824, CVE-2007-1887, CVE-2007-1889, CVE-2007-1900
SHA-256 | c54d56268b90168aacfce8d14ed3df2d22e9234134cbe834f81eef7a9f542934
Ubuntu Security Notice 455-1
Posted May 3, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 455-1 - A slew of vulnerabilities for PHP5 have been patched.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-1375, CVE-2007-1376, CVE-2007-1380, CVE-2007-1484, CVE-2007-1521, CVE-2007-1583, CVE-2007-1700, CVE-2007-1718, CVE-2007-1824, CVE-2007-1887, CVE-2007-1888, CVE-2007-1900
SHA-256 | 9221520c5009cf2bb524114fcbffb5b8b2f37131a7f6950913a67f0b3757c552
Debian Linux Security Advisory 1282-1
Posted May 3, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1282-1 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code.

tags | advisory, remote, arbitrary, php, vulnerability
systems | linux, debian
advisories | CVE-2007-1286, CVE-2007-1380, CVE-2007-1521, CVE-2007-1711, CVE-2007-1718, CVE-2007-1777
SHA-256 | 7ec224cc79934c8400f1eb14d8eb03497068b510b20f6a1dd71053bcb0573561
Gentoo Linux Security Advisory 200703-21
Posted Mar 21, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200703-21 - Several vulnerabilities were found in PHP by the Hardened-PHP Project and other researchers. These vulnerabilities include a heap-based buffer overflow in htmlentities() and htmlspecialchars() if called with UTF-8 parameters, and an off-by-one error in str_ireplace(). Other vulnerabilities were also found in the PHP4 branch, including possible overflows, stack corruptions and a format string vulnerability in the *print() functions on 64 bit systems. Versions less than 5.2.1-r3 are affected.

tags | advisory, overflow, php, vulnerability
systems | linux, gentoo
advisories | CVE-2006-5465, CVE-2007-0906, CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0911, CVE-2007-0988, CVE-2007-1286, CVE-2007-1375, CVE-2007-1376, CVE-2007-1380, CVE-2007-1383
SHA-256 | 2a68bf4d09b8bcea9389593696b002f77d4faf366a29f85257aee2053ef4e678
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close