This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
562a3fdf-16d6-11d9-bc4a-000c41e2cdad | php -- vulnerability in RFC 1867 file upload processing Stefano Di Paola discovered an issue with PHP that could allow someone to upload a file to any directory writeable by the httpd process. Any sanitizing performed on the prepended directory path is ignored. This bug can only be triggered if the $_FILES element name contains an underscore. Discovery 2004-09-15 Entry 2004-09-15 Modified 2004-10-12 php4 php4-cgi le 4.3.8_2 mod_php4 le 4.3.8_2,1 php5 php5-cgi le 5.0.1 mod_php5 le 5.0.1,1 http://marc.theaimsgroup.com/?l=bugtraq&m=109534848430404 http://marc.theaimsgroup.com/?l=bugtraq&m=109648426331965 |
ad74a1bd-16d2-11d9-bc4a-000c41e2cdad | php -- php_variables memory disclosure Stefano Di Paola reports:
Discovery 2004-09-15 Entry 2004-10-05 mod_php4-twig php4-cgi php4-cli php4-dtc php4-horde php4-nms php4 le 4.3.8_2 mod_php mod_php4 ge 4 le 4.3.8_2,1 php5 php5-cgi php5-cli le 5.0.1 mod_php5 le 5.0.1,1 http://marc.theaimsgroup.com/?l=bugtraq&m=109527531130492 |
6821a2db-4ab7-11da-932d-00055d790c25 | PHP -- multiple vulnerabilities A Secunia Advisory reports:
Discovery 2005-10-31 Entry 2005-11-01 mod_php4-twig php4-cgi php4-cli php4-dtc php4-horde php4-nms php4 < 4.4.1 mod_php mod_php4 ge 4 lt 4.4.1,1 http://secunia.com/advisories/17371/ |
d47e9d19-5016-11d9-9b5f-0050569f0001 | php -- multiple vulnerabilities Secunia reports:
Discovery 2004-12-16 Entry 2004-12-17 Modified 2004-12-18 mod_php4-twig php4-cgi php4-cli php4-dtc php4-horde php4-nms php4 < 4.3.10 mod_php mod_php4 ge 4 lt 4.3.10,1 php5 php5-cgi php5-cli < 5.0.3 mod_php5 < 5.0.3,1 http://secunia.com/advisories/13481/ CVE-2004-1019 CVE-2004-1065 http://www.php.net/release_4_3_10.php http://www.hardened-php.net/advisories/012004.txt |