Showing 1 - 7 of 7

CVE-2008-5498

Status Candidate

Overview

Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image.

Related Files

Gentoo Linux Security Advisory 201001-3: Posted Jan 5, 2010; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201001-3 - Multiple vulnerabilities were found in PHP, the worst of which leading to the remote execution of arbitrary code. Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below and the associated PHP release notes for details. Versions less than 5.2.12 are affected.; tags | advisory, remote, arbitrary, php, vulnerability; systems | linux, gentoo; advisories | CVE-2008-5498, CVE-2008-5514, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658, CVE-2008-5814, CVE-2008-5844, CVE-2008-7002, CVE-2009-0754, CVE-2009-1271, CVE-2009-1272, CVE-2009-2626, CVE-2009-2687, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3546; SHA-256 | aff1f9bdb3800d54675a65671b47a6ba413ece16b6ab47e89279c16cfaa490a7; Download | Favorite | View

HP Security Bulletin HPSBUX02465 SSRT090192: Posted Oct 23, 2009; Authored by Hewlett Packard | Site hp.com; HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS) or unauthorized access. Apache-based Web Server is contained in the Apache Web Server Suite.; tags | advisory, web, denial of service, vulnerability, xss; systems | hpux; advisories | CVE-2006-3918, CVE-2007-4465, CVE-2007-6203, CVE-2008-0005, CVE-2008-0599, CVE-2008-2168, CVE-2008-2364, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-2939, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5624; SHA-256 | 917f5771b1ecaed534503ff6b3384773b7597e104b42f7ed74b05115d49f2b09; Download | Favorite | View

HP Security Bulletin HPSBUX02431 SSRT090085: Posted Jul 2, 2009; Authored by Hewlett Packard | Site hp.com; HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), or execution of arbitrary code. Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite.; tags | advisory, web, denial of service, arbitrary, vulnerability; systems | hpux; advisories | CVE-2007-4465, CVE-2008-0005, CVE-2008-0599, CVE-2008-2168, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658; SHA-256 | 188b9f0db86834082088170fd33ebb8a50552ab4a702ee3c2405d86f177e52e0; Download | Favorite | View

Mandriva Linux Security Advisory 2009-023: Posted Jan 23, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-023 - Denial of service, bypass, and various buffer overflows have been addressed in the php package.; tags | advisory, denial of service, overflow, php; systems | linux, mandriva; advisories | CVE-2007-4782, CVE-2007-4850, CVE-2008-1384, CVE-2008-2050, CVE-2008-2371, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498; SHA-256 | 92466f410be73bf8a3cbb21d9967b91cb688bf798202ffc8693fb04ad04223e3; Download | Favorite | View

Mandriva Linux Security Advisory 2009-022: Posted Jan 21, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-022 - Denial of service, bypass, integer overflow, and stack overflow vulnerabilities have been addressed in php.; tags | advisory, denial of service, overflow, php, vulnerability; systems | linux, mandriva; advisories | CVE-2007-4782, CVE-2007-4850, CVE-2008-1384, CVE-2008-2050, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498; SHA-256 | 4ea99f4240ecfa30f2ade91fa5134f537e90a95ae74fc87ce3b6a0bdc94aad8f; Download | Favorite | View

Mandriva Linux Security Advisory 2009-021: Posted Jan 21, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-021 - Multiple buffer overflows, an array indexing error, and a denial of service vulnerability have all been addressed in php.; tags | advisory, denial of service, overflow, php; systems | linux, mandriva; advisories | CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498; SHA-256 | b555ac0988692fa93e6e9e44ac9408180563ae66fd40475aa159a90f68e7f805; Download | Favorite | View

PHP GD Library Information Leak: Posted Dec 31, 2008; Authored by Hamid Ebadi | Site bugtraq.ir; The PHP GD library suffers from an imageRotate() function information leak vulnerability.; tags | advisory, php; advisories | CVE-2008-5498; SHA-256 | 63a4f23ebaa22d5f4bb47dced105c74b50d8a00ff26e6126ba04d1a32f614fea; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2008-5498

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems