Showing 1 - 3 of 3

CVE-2018-17082

Status Candidate

Overview

The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.

Related Files

Red Hat Security Advisory 2019-2519-01: Posted Aug 19, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-2519-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow, bypass, cross site scripting, denial of service, information leakage, and null pointer vulnerabilities.; tags | advisory, web, denial of service, overflow, php, vulnerability, xss; systems | linux, redhat; advisories | CVE-2016-10166, CVE-2017-12932, CVE-2017-16642, CVE-2017-9118, CVE-2017-9120, CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549, CVE-2018-14851, CVE-2018-14884, CVE-2018-17082, CVE-2018-20783, CVE-2018-5711, CVE-2018-5712, CVE-2018-7584, CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11038, CVE-2019-11039, CVE-2019-11040, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022; MD5 | 78b5fcb3a3c8f8ee710500de6377153e; Download | Favorite | View

Debian Security Advisory 4353-1: Posted Dec 11, 2018; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4353-1 - Multiple security issues were found in PHP, a widely-used open source denial of service/information disclosure when parsing malformed images, the Apache module allowed cross-site-scripting via the body of a insufficient input validation which can result in the execution of arbitrary shell commands in the imap_open() function and denial of service in the imap_mail() function.; tags | advisory, denial of service, arbitrary, shell, php, info disclosure; systems | linux, debian; advisories | CVE-2018-14851, CVE-2018-14883, CVE-2018-17082, CVE-2018-19518, CVE-2018-19935; MD5 | d9b1a99e04d2c1e6335bb4aef129d5a1; Download | Favorite | View

Gentoo Linux Security Advisory 201812-01: Posted Dec 3, 2018; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201812-1 - Multiple vulnerabilities have been found in PHP, the worst of which could result in a Denial of Service condition. Multiple versions are affected.; tags | advisory, denial of service, php, vulnerability; systems | linux, gentoo; advisories | CVE-2018-10545, CVE-2018-10546, CVE-2018-10548, CVE-2018-10549, CVE-2018-17082; MD5 | 855d25fbb1fcefb9b726efaee310ece2; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 79 files
malvuln 56 files
Ubuntu 43 files
Gentoo 33 files
LiquidWorm 12 files
SunCSR 7 files
Richard Jones 6 files
Mesut Cetin 6 files
Jeremy Brown 5 files
Arnav Tripathy 5 files

File Archives

Systems

AIX (421)
Apple (1,764)
BSD (368)
Cisco (1,902)
Debian (5,945)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (4,033)
HPUX (873)
iOS (281)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (39,287)
Mac OS X (672)
Mandriva (3,105)
NetBSD (255)
OpenBSD (472)
RedHat (9,590)
Slackware (941)
Solaris (1,597)
SUSE (1,444)
Ubuntu (7,076)
UNIX (8,826)
UnixWare (180)
Windows (5,749)
Other

CVE-2018-17082

Overview

Related Files

File Archive:

January 2021

Top Authors In Last 30 Days

File Tags

File Archives

Systems