Feed aggregator

Bugtraq: CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS

Security Focus Latest Security Advisories - April 29, 2016 - 12:00am
CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS
Categories:

Bugtraq: Re: [ERPSCAN-16-005] SAP HANA hdbxsengine JSON â?? DoS vulnerability

Security Focus Latest Security Advisories - April 29, 2016 - 12:00am
Re: [ERPSCAN-16-005] SAP HANA hdbxsengine JSON â?? DoS vulnerability
Categories:

Bugtraq: CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS

Security Focus Latest Security Advisories - April 28, 2016 - 8:00am
CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS
Categories:

CVE-2016-3078: php: integer overflow in ZipArchive::getFrom*

BugTraq Latest Security Advisories - April 28, 2016 - 7:35am

Posted by Hans Jerry Illikainen on Apr 28

Details
=======

An integer wrap may occur in PHP 7.x before version 7.0.6 when reading
zip files with the getFromIndex() and getFromName() methods of
ZipArchive, resulting in a heap overflow.

php-7.0.5/ext/zip/php_zip.c
,----
| 2679 static void php_zip_get_from(INTERNAL_FUNCTION_PARAMETERS, int type) /* {{{ */
| 2680 {
| ....
| 2684 struct zip_stat sb;
| ....
| 2689 zend_long len = 0;
| ....
| 2692 zend_string *buffer;
| ....
| 2702...
Categories: