exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2009-2626

Status Candidate

Overview

The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable.

Related Files

Mandriva Linux Security Advisory 2010-008
Posted Jan 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-008 - The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable. The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.

tags | advisory, remote, php, xss
systems | linux, mandriva
advisories | CVE-2009-2626, CVE-2009-4142
SHA-256 | c5438a6562ebbc112246d9acf0442254a06cf7b21ae5ccf722fd2dc399400237
Mandriva Linux Security Advisory 2010-007
Posted Jan 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-007 - The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465. The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable. The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character. The updated packages have been patched to correct these issues.

tags | advisory, remote, php, xss
systems | linux, mandriva
advisories | CVE-2007-5898, CVE-2009-2626, CVE-2009-4142
SHA-256 | a5e30a5cb2e7c44e5f7ca9485bed9a3fcf2dedcd62d54e21bee5b2d8140cdbab
Ubuntu Security Notice 882-1
Posted Jan 14, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 882-1 - Maksymilian Arciemowicz discovered that PHP did not properly handle the ini_restore function. An attacker could exploit this issue to obtain random memory contents or to cause the PHP server to crash, resulting in a denial of service. It was discovered that the htmlspecialchars function did not properly handle certain character sequences, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. Stefan Esser discovered that PHP did not properly handle session data. An attacker could exploit this issue to bypass safe_mode or open_basedir restrictions.

tags | advisory, remote, denial of service, php, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2009-2626, CVE-2009-4142, CVE-2009-4143
SHA-256 | cd84529d17d2626ad3cfc09945cde3a151f1ded241b92b2d05de3bbf06264243
Gentoo Linux Security Advisory 201001-3
Posted Jan 5, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201001-3 - Multiple vulnerabilities were found in PHP, the worst of which leading to the remote execution of arbitrary code. Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below and the associated PHP release notes for details. Versions less than 5.2.12 are affected.

tags | advisory, remote, arbitrary, php, vulnerability
systems | linux, gentoo
advisories | CVE-2008-5498, CVE-2008-5514, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658, CVE-2008-5814, CVE-2008-5844, CVE-2008-7002, CVE-2009-0754, CVE-2009-1271, CVE-2009-1272, CVE-2009-2626, CVE-2009-2687, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, CVE-2009-3546
SHA-256 | aff1f9bdb3800d54675a65671b47a6ba413ece16b6ab47e89279c16cfaa490a7
PHP ini_restore Memory Disclosure
Posted Dec 4, 2009
Authored by Maksymilian Arciemowicz | Site securityreason.com

PHP suffers from an ini_restore() related memory information disclosure vulnerability.

tags | exploit, php, info disclosure
advisories | CVE-2009-2626
SHA-256 | 2cb1b058ea1c9470f0fb1332b5e80ee970764c67f4f3fd6b726311532d1ceb21
Debian Linux Security Advisory 1940-1
Posted Nov 27, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1940-1 - Several remote vulnerabilities have been discovered in the PHP 5 hypertext preprocessor.

tags | advisory, remote, php, vulnerability
systems | linux, debian
advisories | CVE-2009-2626, CVE-2009-2687, CVE-2009-3291, CVE-2009-3292
SHA-256 | a5539a28cde8a1bb5d0403cbd15a3328e03796380d5dd7bb69921367844f4dac
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    23 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close