php handle iff software vulnerabilities
vulnerabilities.aspcode.net
Searching php handle iff software vulnerabilities
A network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection.
A network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers.
A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets.
Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files.
The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service.
The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.
AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not properly handle certain malformed requests, with unknown impact.
SUSE Linux Enterprise Server 9 on the S/390 platform does not properly handle a certain privileged instruction, which allows local users to gain root privileges.
Multiple buffer overflows in the handle_directive function in abcpp.c for abcpp 1.3.0 allow remote attackers to execute arbitrary code via crafted ABC files.
JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote attackers to perform a session fixation attack and hijack a user's HTTP session.
PROMS 0.11 does not properly handle "certain combinations of rights," which gives more rights to users than intended.
Cross-site scripting (XSS) vulnerability in header.php in PunBB 1.2.10 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly handled when the PHP_SELF variable is used to handle a pun_page tag.
fantastico in Cpanel does not properly handle when it has insufficient permissions to perform certain file operations, which allows remote authenticated users to obtain the full pathname, which is leaked in a PHP error message.
The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock, aka the "SMB Invalid Handle Vulnerability."
phpBB 2.0.21 does not properly handle pathnames ending in %00, which allows remote authenticated administrative users to upload arbitrary files, as demonstrated by a query to admin/admin_board.php with an avatar_path parameter ending in .php%00.
users_adm/start1.php in IMGallery 2.5 and earlier does not properly handle files with multiple extensions, which allows remote authenticated users to upload and execute arbitrary PHP scripts.
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI.
Buffer overflow in IrfanView 4.00 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted .IFF file.
The zend_alter_ini_entry function in PHP before 5.2.4 does not properly handle an interruption to the flow of execution triggered by a memory_limit violation, which has unknown impact and attack vectors.
Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle_iTXt), and (5) ztXT (png_handle_ztXt) chunking in PNG images, which trigger out-of-bounds read operations.
Software vulnerabilities results 1 to 20 of 3022