Showing 1 - 5 of 5

CVE-2011-1092

Status Candidate

Overview

Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function.

Related Files

HP Security Bulletin HPSBOV02763 SSRT100826: Posted Apr 17, 2012; Authored by HP | Site hp.com; HP Security Bulletin HPSBOV02763 SSRT100826 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, privilege escalation, unauthorized disclosure of information, or unauthorized modifications. Revision 1 of this advisory.; tags | advisory, web, denial of service, php, vulnerability; advisories | CVE-2006-7243, CVE-2010-1860, CVE-2010-1862, CVE-2010-1864, CVE-2010-2097, CVE-2010-2100, CVE-2010-2101, CVE-2010-2190, CVE-2010-2191, CVE-2010-2225, CVE-2010-2484, CVE-2010-2531, CVE-2010-3709, CVE-2010-3710, CVE-2010-3870, CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698, CVE-2011-0421, CVE-2011-0708, CVE-2011-0752, CVE-2011-1092, CVE-2011-1148, CVE-2011-1464, CVE-2011-1938, CVE-2011-2202, CVE-2011-4885; SHA-256 | ed9a5902d9c99aabc1fc739a0ec49b2e95fcbd6c58b9ceb14b8f6abcfe7fb2bc; Download | Favorite | View

Ubuntu Security Notice USN-1126-2: Posted May 5, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1126-2 - USN 1126-1 fixed several vulnerabilities in PHP. The fix for CVE-2010-4697 introduced an incorrect reference counting regression in the Zend engine that caused the PHP interpreter to segfault. This regression affects Ubuntu 6.06 LTS and Ubuntu 8.04 LTS.; tags | advisory, php, vulnerability; systems | linux, ubuntu; advisories | CVE-2011-1144, CVE-2006-7243, CVE-2010-4697, CVE-2010-4698, CVE-2011-0420, CVE-2011-0421, CVE-2011-0441, CVE-2011-0708, CVE-2011-1072, CVE-2011-1092, CVE-2011-1144, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1466, CVE-2011-1467, CVE-2011-1468, CVE-2011-1469, CVE-2011-1470, CVE-2011-1471; SHA-256 | d3109ede1f1b610fb18480ae30cb346b0d85aac84aedfeadd43a5eb1ad6fe0a2; Download | Favorite | View

Ubuntu Security Notice USN-1126-1: Posted Apr 29, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1126-1 - Stephane Chazelas discovered that the /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. Raphael Geisert and Dan Rosenberg discovered that the PEAR installer allows local users to overwrite arbitrary files via a symlink attack on the package.xml file. Martin Barbella discovered a buffer overflow in the PHP GD extension that allows an attacker to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstext function. It was discovered that PHP accepts the \0 character in a pathname, which might allow an attacker to bypass intended access restrictions by placing a safe file extension after this character. Various other issues with PHP 5 were also identified and resolved.; tags | advisory, denial of service, overflow, arbitrary, local, php; systems | linux, ubuntu; advisories | CVE-2011-1144, CVE-2006-7243, CVE-2010-4697, CVE-2010-4698, CVE-2011-0420, CVE-2011-0421, CVE-2011-0441, CVE-2011-0708, CVE-2011-1072, CVE-2011-1092, CVE-2011-1144, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1466, CVE-2011-1467, CVE-2011-1468, CVE-2011-1469, CVE-2011-1470, CVE-2011-1471; SHA-256 | 0d1f20dac678d851bff44d385515866f5fb9db107a028a3a3bb2ee850d32fc53; Download | Favorite | View

Mandriva Linux Security Advisory 2011-053: Posted Mar 23, 2011; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2011-053 - Multiple vulnerabilities has been identified and fixed in php. These range from denial of service to code execution issues.; tags | advisory, denial of service, php, vulnerability, code execution; systems | linux, mandriva; advisories | CVE-2011-0421, CVE-2011-0708, CVE-2011-1092, CVE-2011-1153, CVE-2011-1464, CVE-2011-1466, CVE-2011-1467, CVE-2011-1468, CVE-2011-1469, CVE-2011-1470, CVE-2011-1471; SHA-256 | 8e3a31350afca8110c11002ff4e93c17438c6aac20bba525ca9ac7e60132ba30; Download | Favorite | View

Mandriva Linux Security Advisory 2011-052: Posted Mar 23, 2011; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2011-052 - Multiple vulnerabilities has been identified and fixed in php. These range from denial of service to code execution issues.; tags | advisory, denial of service, php, vulnerability, code execution; systems | linux, mandriva; advisories | CVE-2011-0421, CVE-2011-0708, CVE-2011-1092, CVE-2011-1153, CVE-2011-1464, CVE-2011-1466, CVE-2011-1467, CVE-2011-1469, CVE-2011-1470, CVE-2011-1471; SHA-256 | 1b98e934ccd7157b0631d5dcf0d404eaa0ead3e489c99c8cdc7264385eb99b35; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 111 files
Ubuntu 57 files
malvuln 10 files
Julien Ahrens 8 files
Google Security Research 7 files
Apple 7 files
CraCkEr 6 files
saitamang 6 files
Gentoo 6 files
nu11secur1ty 5 files

File Archives

Systems

AIX (426)
Apple (1,890)
BSD (368)
CentOS (55)
Cisco (1,913)
Debian (5,948)
Fedora (1,690)
FreeBSD (1,241)
Gentoo (4,158)
HPUX (878)
iOS (319)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (42,582)
Mac OS X (683)
Mandriva (3,105)
NetBSD (255)
OpenBSD (478)
RedHat (11,825)
Slackware (941)
Solaris (1,607)
SUSE (1,444)
Ubuntu (7,926)
UNIX (9,098)
UnixWare (185)
Windows (6,442)
Other

CVE-2011-1092

Overview

Related Files

File Archive:

August 2022

Top Authors In Last 30 Days

File Tags

File Archives

Systems