exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2020-7066

Status Candidate

Overview

In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server.

Related Files

Red Hat Security Advisory 2020-5275-01
Posted Dec 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5275-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer over-read, buffer overflow, code execution, information leakage, null pointer, and out of bounds read vulnerabilities.

tags | advisory, web, overflow, php, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-11045, CVE-2019-11047, CVE-2019-11048, CVE-2019-11050, CVE-2019-19203, CVE-2019-19204, CVE-2019-19246, CVE-2020-7059, CVE-2020-7060, CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065, CVE-2020-7066
SHA-256 | ddd426c8ef5f7f421be7fd6c30c9b19468026fea7ae82304ca8d9ab327159ac2
Download | Favorite | View
Red Hat Security Advisory 2020-3662-01
Posted Sep 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3662-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer over-read, buffer overflow, code execution, information leakage, integer overflow, null pointer, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, web, overflow, php, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-11039, CVE-2019-11040, CVE-2019-11041, CVE-2019-11042, CVE-2019-11045, CVE-2019-11047, CVE-2019-11048, CVE-2019-11050, CVE-2019-13224, CVE-2019-13225, CVE-2019-16163, CVE-2019-19203, CVE-2019-19204, CVE-2019-19246, CVE-2019-20454, CVE-2020-7059, CVE-2020-7060, CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065, CVE-2020-7066
SHA-256 | 911f6bbed903dbddefb8bd0bba2f0d12e5864b3e566dea3d632a88ddb5ce9853
Download | Favorite | View
Debian Security Advisory 4717-1
Posted Jul 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4717-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, php, info disclosure
systems | linux, debian
advisories | CVE-2019-11048, CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7066, CVE-2020-7067
SHA-256 | fe718d937d6da0a84f641290e2eae9a820ff43ec6736c3b98e6b64910b56ea78
Download | Favorite | View
Debian Security Advisory 4719-1
Posted Jul 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4719-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, php, info disclosure
systems | linux, debian
advisories | CVE-2019-11048, CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065, CVE-2020-7066, CVE-2020-7067
SHA-256 | d85efbe83bc7651930c4364a972753c6118db5a93bd8bd86f43dc039debc9fa9
Download | Favorite | View
Ubuntu Security Notice USN-4330-2
Posted May 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4330-2 - USN-4330-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash. Various other issues were also addressed.

tags | advisory, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-7064, CVE-2020-7065, CVE-2020-7066
SHA-256 | a94b47521185bd9a249d259818fed582a247ce53361013c29f4bc1a4c82b6901
Download | Favorite | View
Ubuntu Security Notice USN-4330-1
Posted Apr 15, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4330-1 - It was discovered that PHP incorrectly handled certain file uploads. An attacker could possibly use this issue to cause a crash. It was discovered that PHP incorrectly handled certain PHAR archive files. An attacker could possibly use this issue to access sensitive information. It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash. Various other issues were also addressed.

tags | advisory, php, file upload
systems | linux, ubuntu
advisories | CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065, CVE-2020-7066
SHA-256 | 103beb00d1081229c9f84f14247061058d88af29920494f71828b3a45201dd63
Download | Favorite | View
Gentoo Linux Security Advisory 202003-57
Posted Mar 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-57 - Multiple vulnerabilities have been found in PHP, the worst of which could result in the execution of arbitrary shell commands. Versions less than 7.4.4 are affected.

tags | advisory, arbitrary, shell, php, vulnerability
systems | linux, gentoo
advisories | CVE-2018-19518, CVE-2020-7059, CVE-2020-7060, CVE-2020-7061, CVE-2020-7062, CVE-2020-7063, CVE-2020-7064, CVE-2020-7065, CVE-2020-7066
SHA-256 | a0c79fe9ba0d351c734220b280bb4f2ef495f58b8f6283805ea9e702e093c985
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close