MyBB versions 1.8.3 and below alongside PHP versions prior to 5.6.30 suffer from a GMP deserialization type confusion vulnerability.
6f585bd28b4ea52da08b574068875a55d67f3ea3d0050fa7544f4931f043f728A use-after-free vulnerability was discovered in unserialize() with SplDoublyLinkedList object's deserialization and crafted object's __wakeup() magic method that can be abused for leaking arbitrary memory blocks or executing arbitrary code remotely. Affected are PHP versions 5.6.12 and below, 5.5.28 and below, and 5.4.44 and below.
7068d7798e322a46c2e69230045e711ecf86cbeed6a1aeb9c0bfd3cc11b7c949A use-after-free vulnerability was discovered in unserialize() with GMP object's deserialization that can be abused for leaking arbitrary memory blocks or executing arbitrary code remotely. Affected are PHP versions prior to 5.6.13.
78b8814f488debb34e76681ef84991ebba8a99b93c4858fce8dfddcbc8a3470bMultiple use-after-free vulnerabilities were discovered in session deserializer (php/php_binary/php_serialize) that can be abused for leaking arbitrary memory blocks or executing arbitrary code remotely. Affected are PHP versions 5.6.12 and below, 5.5.28 and below, and 5.4.44 and below.
379922b40d47340abc8e7b18eb526b13f875829b3cc5a5eb48390af82be079ecA use-after-free vulnerability was discovered in unserialize() with SplObjectStorage object's deserialization and crafted object's __wakeup() magic method that can be abused for leaking arbitrary memory blocks or executing arbitrary code remotely. Affected are PHP versions prior to 5.6.13.
4fd5caf7c4dcacd754676a3cbc4212c2832b480514c1f218168a70d4dc9d6079Multiple use-after-free vulnerabilities were discovered in unserialize() with Serializable class that can be abused for leaking arbitrary memory blocks or for executing arbitrary code remotely. Affected are PHP versions 5.6.12 and below, 5.5.28 and below, and 5.4.44 and below.
77d34f5cfa55e4abcf2086a401126827fa0bf5ae4047ceeb353c35148cd1c48cA use-after-free vulnerability was discovered in unserialize() with SplDoublyLinkedList object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely.
0871a6862315dddb4b458e935baa1d9975da14b6a2a6fe621eb91c225e281bb8A use-after-free vulnerability was discovered in unserialize() with SplObjectStorage object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely.
671f2a7c738b31dc6a03417ab29ce95089173d2f3c6b80d8f3156839a758dae5A use-after-free vulnerability was discovered in unserialize() with SPL ArrayObject object's deserialization that can be abused for leaking arbitrary memory blocks or execute arbitrary code remotely.
bdc3dd33954af63076460ec415aa1687a2a7bb0690e51d14cc41bd321bce45d0A type confusion vulnerability was discovered in exception object's __toString()/getTraceAsString() method that can be abused for leaking arbitrary memory blocks or heap overflow.
b3a8329c29d10dca9d7ddc4c0f46af58e29999c11da31e6009cf9c41975e1db6A type confusion vulnerability was discovered in unserialize() with SoapFault object's __toString() magic method that can be abused for leaking arbitrary memory blocks.
628689009bd04f420924af79082ba1d3c89d666f96215bfa8944020190c85c15A use-after-free vulnerability was discovered in unserialize() with a specially defined object's __wakeup() magic method that can be abused for leaking arbitrary memory blocks or execute arbitrary code.
0d7d8aafb8d2a37309dece6abe0be384cb2777387f609c40b05070f50d8937adPHP SoapClient in various PHP versions suffers from a type confusion that allows for information leakage.
e966d500ed0d4194c51186062d3c39579e4b806229a855ac04afddc816ae79eaPHP versions below 5.6.6, below 5.5.22, and below 5.4.38 suffer from a type confusion information leak in DateTimeZone.
960a07af7fc962fbbbd63879673d29572b4d34a6892640c9968ebecc39750216PHP versions below 5.6.6, below 5.5.22, and below 5.4.38 suffer from a use-after-free vulnerability in DateTime.
a243dbfd64f8ccb636b6f3bfc76ae91d623d78d08de0e0aa1aeff9c533da6157MyBB versions 1.8.2 and below suffer from an unset_globals() function bypass and remote code execution vulnerabilities.
a691b9b40b1b09c878c6dabf004797b5a74ac29c49123dfae6aadb61bdba3161phpBB versions 3.1.1 and below suffer from a deregister_globals() bypass vulnerability.
05feb1c2143bc563aea79f035ee6a9f2a25fd7538e2a1eaf959167cbc2e80130
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed