Showing 1 - 5 of 5

CVE-2011-3379

Status Candidate

Overview

The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders.

Related Files

HP Security Bulletin HPSBMU02786 SSRT100877 2: Posted May 9, 2013; Authored by HP | Site hp.com; HP Security Bulletin HPSBMU02786 SSRT100877 2 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux, Windows, and VMware ESX. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. Revision 2 of this advisory.; tags | advisory, denial of service, arbitrary, vulnerability; systems | linux, windows; advisories | CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3379, CVE-2011-3607, CVE-2011-4078, CVE-2011-4108, CVE-2011-4153, CVE-2011-4317, CVE-2011-4415, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2011-4885, CVE-2012-0021, CVE-2012-0027, CVE-2012-0031, CVE-2012-0036, CVE-2012-0053, CVE-2012-0057, CVE-2012-0830, CVE-2012-1165, CVE-2012-1823, CVE-2012-2012, CVE-2012-2013, CVE-2012-2014, CVE-2012-2015, CVE-2012-2016; MD5 | 80f8158182e481b6569a26d38a63761b; Download | Favorite | Comments (0)

Gentoo Linux Security Advisory 201209-03: Posted Sep 24, 2012; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201209-3 - Multiple vulnerabilities were found in PHP, the worst of which lead to remote execution of arbitrary code. Versions less than 5.3.15 are affected.; tags | advisory, remote, arbitrary, php, vulnerability; systems | linux, gentoo; advisories | CVE-2011-1398, CVE-2011-3379, CVE-2011-4566, CVE-2011-4885, CVE-2012-0057, CVE-2012-0788, CVE-2012-0789, CVE-2012-0830, CVE-2012-0831, CVE-2012-1172, CVE-2012-1823, CVE-2012-2143, CVE-2012-2311, CVE-2012-2335, CVE-2012-2336, CVE-2012-2386, CVE-2012-2688, CVE-2012-3365, CVE-2012-3450; MD5 | 3a7b11ddafda5c0c062b3746c3db17dd; Download | Favorite | Comments (0)

HP Security Bulletin HPSBMU02786 SSRT100877: Posted Jun 28, 2012; Authored by HP | Site hp.com; HP Security Bulletin HPSBMU02786 SSRT100877 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. Revision 1 of this advisory.; tags | advisory, denial of service, arbitrary, vulnerability; systems | linux, windows; advisories | CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3379, CVE-2011-3607, CVE-2011-4078, CVE-2011-4108, CVE-2011-4153, CVE-2011-4317, CVE-2011-4415, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2011-4885, CVE-2012-0021, CVE-2012-0027, CVE-2012-0031, CVE-2012-0036, CVE-2012-0053, CVE-2012-0057, CVE-2012-0830, CVE-2012-1165, CVE-2012-1823, CVE-2012-2012, CVE-2012-2013, CVE-2012-2014, CVE-2012-2015, CVE-2012-2016; MD5 | 31d29fe7aaae474acd1185e3d5e9e226; Download | Favorite | Comments (0)

Mandriva Linux Security Advisory 2012-071: Posted May 10, 2012; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2012-071 - This is a bugfix and security advisory that upgrades php to the latest 5.3.13 version for Mandriva Linux Enterprise 5.2 which resolves numerous upstream bugs in php.; tags | advisory, php; systems | linux, mandriva; advisories | CVE-2011-1148, CVE-2011-1657, CVE-2011-1938, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3267, CVE-2011-3268, CVE-2011-3379, CVE-2011-2483, CVE-2011-4566, CVE-2011-4885, CVE-2012-0788, CVE-2012-0807, CVE-2012-0830, CVE-2012-0831, CVE-2012-1172, CVE-2012-1823, CVE-2012-1823, CVE-2012-2335, CVE-2012-2336; MD5 | f031e64124033b6bfd062d5ee8bdec36; Download | Favorite | Comments (0)

Mandriva Linux Security Advisory 2011-166: Posted Nov 3, 2011; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2011-166 - A vulnerability has been identified and fixed in php. The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders. The php-ini-5.3.8 package was missing with the MDVSA-2011:165 advisory and is now being provided, the php-timezonedb package was upgraded to the latest version for 2011. The updated packages have been patched to correct this issue.; tags | advisory, remote, arbitrary, php; systems | linux, mandriva; advisories | CVE-2011-3379; MD5 | 2f9fd1ed46b662fc92a212163565a853; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 149 files
Ubuntu 56 files
Google Security Research 38 files
Gentoo 25 files
mjurczyk 21 files
Debian 17 files
Apple 10 files
natashenka 7 files
Daniel Bishtawi 6 files
Nissana Sirijirakal 6 files

File Archives

Systems

AIX (414)
Apple (1,656)
BSD (359)
Cisco (1,857)
Debian (5,816)
Fedora (1,685)
FreeBSD (1,231)
Gentoo (3,713)
HPUX (869)
iOS (211)
iPhone (107)
IRIX (220)
Juniper (67)
Linux (35,848)
Mac OS X (658)
Mandriva (3,105)
NetBSD (255)
OpenBSD (460)
RedHat (7,525)
Slackware (912)
Solaris (1,581)
SUSE (1,444)
Ubuntu (6,303)
UNIX (8,503)
UnixWare (176)
Windows (5,527)
Other

CVE-2011-3379

Overview

Related Files

File Archive:

August 2019

Top Authors In Last 30 Days

File Tags

File Archives

Systems