Showing 1 - 3 of 3

CVE-2018-17082

Status Candidate

Overview

The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.

Related Files

Red Hat Security Advisory 2019-2519-01: Posted Aug 19, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-2519-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow, bypass, cross site scripting, denial of service, information leakage, and null pointer vulnerabilities.; tags | advisory, web, denial of service, overflow, php, vulnerability, xss; systems | linux, redhat; advisories | CVE-2016-10166, CVE-2017-12932, CVE-2017-16642, CVE-2017-9118, CVE-2017-9120, CVE-2018-10545, CVE-2018-10546, CVE-2018-10547, CVE-2018-10548, CVE-2018-10549, CVE-2018-14851, CVE-2018-14884, CVE-2018-17082, CVE-2018-20783, CVE-2018-5711, CVE-2018-5712, CVE-2018-7584, CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11038, CVE-2019-11039, CVE-2019-11040, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022; SHA-256 | acffbdfe90b0a58970132a1847884fe8bf47723bf6191011cc4ac8b281a95407; Download | Favorite | View

Debian Security Advisory 4353-1: Posted Dec 11, 2018; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4353-1 - Multiple security issues were found in PHP, a widely-used open source denial of service/information disclosure when parsing malformed images, the Apache module allowed cross-site-scripting via the body of a insufficient input validation which can result in the execution of arbitrary shell commands in the imap_open() function and denial of service in the imap_mail() function.; tags | advisory, denial of service, arbitrary, shell, php, info disclosure; systems | linux, debian; advisories | CVE-2018-14851, CVE-2018-14883, CVE-2018-17082, CVE-2018-19518, CVE-2018-19935; SHA-256 | 98d965a957a19f94b8ce6435161a43984df2051692685d685860e9e645957bff; Download | Favorite | View

Gentoo Linux Security Advisory 201812-01: Posted Dec 3, 2018; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201812-1 - Multiple vulnerabilities have been found in PHP, the worst of which could result in a Denial of Service condition. Multiple versions are affected.; tags | advisory, denial of service, php, vulnerability; systems | linux, gentoo; advisories | CVE-2018-10545, CVE-2018-10546, CVE-2018-10548, CVE-2018-10549, CVE-2018-17082; SHA-256 | 35dffac43998c4123c62e030862e8da7560714a07887e99c3b8788a2522a38b8; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 159 files
Ubuntu 45 files
Matthias Deeg 17 files
malvuln 12 files
Google Security Research 5 files
Yvan Genuer 5 files
Steffen Robertz 4 files
T. Weber 3 files
Jeremy Brown 3 files
nu11secur1ty 3 files

File Archives

Systems

AIX (426)
Apple (1,883)
BSD (368)
CentOS (55)
Cisco (1,913)
Debian (5,948)
Fedora (1,690)
FreeBSD (1,241)
Gentoo (4,152)
HPUX (878)
iOS (318)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (42,395)
Mac OS X (683)
Mandriva (3,105)
NetBSD (255)
OpenBSD (478)
RedHat (11,712)
Slackware (941)
Solaris (1,607)
SUSE (1,444)
Ubuntu (7,860)
UNIX (9,079)
UnixWare (185)
Windows (6,424)
Other

CVE-2018-17082

Overview

Related Files

File Archive:

July 2022

Top Authors In Last 30 Days

File Tags

File Archives

Systems