Showing 1 - 5 of 5

CVE-2011-3379

Status Candidate

Overview

The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders.

Related Files

HP Security Bulletin HPSBMU02786 SSRT100877 2: Posted May 9, 2013; Authored by HP | Site hp.com; HP Security Bulletin HPSBMU02786 SSRT100877 2 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux, Windows, and VMware ESX. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. Revision 2 of this advisory.; tags | advisory, denial of service, arbitrary, vulnerability; systems | linux, windows; advisories | CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3379, CVE-2011-3607, CVE-2011-4078, CVE-2011-4108, CVE-2011-4153, CVE-2011-4317, CVE-2011-4415, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2011-4885, CVE-2012-0021, CVE-2012-0027, CVE-2012-0031, CVE-2012-0036, CVE-2012-0053, CVE-2012-0057, CVE-2012-0830, CVE-2012-1165, CVE-2012-1823, CVE-2012-2012, CVE-2012-2013, CVE-2012-2014, CVE-2012-2015, CVE-2012-2016; MD5 | 80f8158182e481b6569a26d38a63761b; Download | Favorite | View

Gentoo Linux Security Advisory 201209-03: Posted Sep 24, 2012; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201209-3 - Multiple vulnerabilities were found in PHP, the worst of which lead to remote execution of arbitrary code. Versions less than 5.3.15 are affected.; tags | advisory, remote, arbitrary, php, vulnerability; systems | linux, gentoo; advisories | CVE-2011-1398, CVE-2011-3379, CVE-2011-4566, CVE-2011-4885, CVE-2012-0057, CVE-2012-0788, CVE-2012-0789, CVE-2012-0830, CVE-2012-0831, CVE-2012-1172, CVE-2012-1823, CVE-2012-2143, CVE-2012-2311, CVE-2012-2335, CVE-2012-2336, CVE-2012-2386, CVE-2012-2688, CVE-2012-3365, CVE-2012-3450; MD5 | 3a7b11ddafda5c0c062b3746c3db17dd; Download | Favorite | View

HP Security Bulletin HPSBMU02786 SSRT100877: Posted Jun 28, 2012; Authored by HP | Site hp.com; HP Security Bulletin HPSBMU02786 SSRT100877 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. Revision 1 of this advisory.; tags | advisory, denial of service, arbitrary, vulnerability; systems | linux, windows; advisories | CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3379, CVE-2011-3607, CVE-2011-4078, CVE-2011-4108, CVE-2011-4153, CVE-2011-4317, CVE-2011-4415, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2011-4885, CVE-2012-0021, CVE-2012-0027, CVE-2012-0031, CVE-2012-0036, CVE-2012-0053, CVE-2012-0057, CVE-2012-0830, CVE-2012-1165, CVE-2012-1823, CVE-2012-2012, CVE-2012-2013, CVE-2012-2014, CVE-2012-2015, CVE-2012-2016; MD5 | 31d29fe7aaae474acd1185e3d5e9e226; Download | Favorite | View

Mandriva Linux Security Advisory 2012-071: Posted May 10, 2012; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2012-071 - This is a bugfix and security advisory that upgrades php to the latest 5.3.13 version for Mandriva Linux Enterprise 5.2 which resolves numerous upstream bugs in php.; tags | advisory, php; systems | linux, mandriva; advisories | CVE-2011-1148, CVE-2011-1657, CVE-2011-1938, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3267, CVE-2011-3268, CVE-2011-3379, CVE-2011-2483, CVE-2011-4566, CVE-2011-4885, CVE-2012-0788, CVE-2012-0807, CVE-2012-0830, CVE-2012-0831, CVE-2012-1172, CVE-2012-1823, CVE-2012-1823, CVE-2012-2335, CVE-2012-2336; MD5 | f031e64124033b6bfd062d5ee8bdec36; Download | Favorite | View

Mandriva Linux Security Advisory 2011-166: Posted Nov 3, 2011; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2011-166 - A vulnerability has been identified and fixed in php. The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders. The php-ini-5.3.8 package was missing with the MDVSA-2011:165 advisory and is now being provided, the php-timezonedb package was upgraded to the latest version for 2011. The updated packages have been patched to correct this issue.; tags | advisory, remote, arbitrary, php; systems | linux, mandriva; advisories | CVE-2011-3379; MD5 | 2f9fd1ed46b662fc92a212163565a853; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 160 files
Ubuntu 66 files
Gentoo 13 files
LiquidWorm 12 files
Google Security Research 10 files
George Tsimpidas 5 files
Alexei Kojenov 5 files
Akiner Kisa 4 files
s1l3nt78 4 files
Glazvunov 4 files

File Archives

Systems

AIX (418)
Apple (1,742)
BSD (368)
Cisco (1,898)
Debian (5,945)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (3,957)
HPUX (872)
iOS (274)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (38,649)
Mac OS X (669)
Mandriva (3,105)
NetBSD (255)
OpenBSD (472)
RedHat (9,188)
Slackware (941)
Solaris (1,593)
SUSE (1,444)
Ubuntu (6,938)
UNIX (8,760)
UnixWare (179)
Windows (5,675)
Other

CVE-2011-3379

Overview

Related Files

File Archive:

October 2020

Top Authors In Last 30 Days

File Tags

File Archives

Systems