filip palian vulnerabilities and exploits

(subscribe to this query)

The strrchr function in PHP 5.2 prior to 5.2.14 allows context-dependent malicious users to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler.

Php Php 5.2.11 Php Php 5.2.5 Php Php 5.2.2 Php Php 5.2.9 Php Php 5.2.6 Php Php 5.2.8 Php Php 5.2.0 Php Php 5.2.4 Php Php 5.2.13 Php Php 5.2.12 Php Php 5.2.10 Php Php 5.2.3 Php Php 5.2.1

The Zend Engine in PHP 5.2 up to and including 5.2.13 and 5.3 up to and including 5.3.2 allows context-dependent malicious users to obtain sensitive information by interrupting the handler for the (1) ZEND_BW_XOR opcode (shift_left_function), (2) ZEND_SL opcode (bitwise_xor_funct...

Php Php 5.2.2 Php Php 5.2.3 Php Php 5.2.10 Php Php 5.2.6 Php Php 5.2.7 Php Php 5.3.2 Php Php 5.2.12 Php Php 5.2.4 Php Php 5.2.5 Php Php 5.3.0 Php Php 5.3.1 Php Php 5.2.11 Php Php 5.2.0 Php Php 5.2.1 Php Php 5.2.8 Php Php 5.2.9

The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent malicious users to cause a denial of service (application crash) via certain flags arguments, as demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND.

The osf_wait4 function in arch/alpha/kernel/osf_sys.c in the Linux kernel prior to 2.6.39.4 on the Alpha platform uses an incorrect pointer, which allows local users to gain privileges by writing a certain integer value to kernel memory.

Linux Linux Kernel 2.6.39 Linux Linux Kernel 2.6.39.1 Linux Linux Kernel Linux Linux Kernel 2.6.39.2

Integer signedness error in the osf_sysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel prior to 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call.

Linux Linux Kernel 2.6.39 Linux Linux Kernel 2.6.39.1 Linux Linux Kernel Linux Linux Kernel 2.6.39.2

The qdisc_notify function in net/sched/sch_api.c in the Linux kernel prior to 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or...

Linux Linux Kernel Redhat Enterprise Linux 4.0

Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel prior to 2.6.27 allows physically proximate malicious users to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.

Linux Linux Kernel Redhat Enterprise Linux 4.0

1 EDB exploit

The Network Lock Manager (NLM) protocol implementation in the NFS client functionality in the Linux kernel prior to 3.0 allows local users to cause a denial of service (system hang) via a LOCK_UN flock system call.

Linux Linux Kernel Redhat Enterprise Linux Server 5.0 Redhat Enterprise Linux Workstation 5.0 Redhat Enterprise Linux Desktop 5.0

Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel prior to 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping.

Linux Linux Kernel 2.6.38 Linux Linux Kernel 2.6.38.3 Linux Linux Kernel Linux Linux Kernel 2.6.38.6 Linux Linux Kernel 2.6.38.1 Linux Linux Kernel 2.6.38.5 Linux Linux Kernel 2.6.38.2 Linux Linux Kernel 2.6.38.4 Linux Linux Kernel 2.6.38.7

1 2 3 4 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook