Showing 1 - 6 of 6

CVE-2019-9024

Status Candidate

Overview

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c.

Related Files

Red Hat Security Advisory 2020-1624-01: Posted Apr 28, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-1624-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow, information leakage, integer overflow, and out of bounds read vulnerabilities.; tags | advisory, web, overflow, php, vulnerability; systems | linux, redhat; advisories | CVE-2018-20783, CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11039, CVE-2019-11040, CVE-2019-11041, CVE-2019-11042, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022, CVE-2019-9023, CVE-2019-9024, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9640; SHA-256 | c96e8fee80a645f0904ada7ce87f3c2527621cbf495aebd6725f9632d78932a0; Download | Favorite | View

Red Hat Security Advisory 2020-1112-01: Posted Apr 1, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-1112-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include a cross site scripting vulnerability.; tags | advisory, web, php, xss; systems | linux, redhat; advisories | CVE-2018-10547, CVE-2018-5712, CVE-2018-7584, CVE-2019-9024; SHA-256 | 0ca548e0ef7f72ae710a0a6b1dd6e143afe4e960d46770e9909508108156f05c; Download | Favorite | View

Red Hat Security Advisory 2019-3299-01: Posted Nov 1, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-3299-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and information leakage vulnerabilities.; tags | advisory, web, overflow, php, vulnerability; systems | linux, redhat; advisories | CVE-2016-10166, CVE-2018-20783, CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11038, CVE-2019-11039, CVE-2019-11040, CVE-2019-11041, CVE-2019-11042, CVE-2019-11043, CVE-2019-6977, CVE-2019-9020, CVE-2019-9021, CVE-2019-9022, CVE-2019-9023, CVE-2019-9024, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9640; SHA-256 | 3e6fa23a90586dc864b7d2f66f36956feb884ebbfb6236d5061b8a831b9c3da8; Download | Favorite | View

Ubuntu Security Notice USN-3902-2: Posted Mar 12, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3902-2 - USN-3902-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that the PHP XML-RPC module incorrectly handled decoding XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. Various other issues were also addressed.; tags | advisory, remote, denial of service, php; systems | linux, ubuntu; advisories | CVE-2019-9020, CVE-2019-9021, CVE-2019-9023, CVE-2019-9024; SHA-256 | 8c5cc0af99e03f737cb519150962c02823fb921e860b9c2988049030499ed991; Download | Favorite | View

Ubuntu Security Notice USN-3902-1: Posted Mar 6, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3902-1 - It was discovered that the PHP XML-RPC module incorrectly handled decoding XML data. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. It was discovered that the PHP PHAR module incorrectly handled certain filenames. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. It was discovered that PHP incorrectly parsed certain DNS responses. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.; tags | advisory, remote, denial of service, php; systems | linux, ubuntu; advisories | CVE-2019-9020, CVE-2019-9021, CVE-2019-9022, CVE-2019-9023, CVE-2019-9024; SHA-256 | c8e41445031ceeae1b65118e4b06e45ae66592a97f879619103917d898a7d5f1; Download | Favorite | View

Debian Security Advisory 4398-1: Posted Mar 1, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4398-1 - Multiple security issues were found in PHP, a widely-used open source accesses were found in the xmlrpc, mbstring and phar extensions and the dns_get_record() function.; tags | advisory, php; systems | linux, debian; advisories | CVE-2019-9020, CVE-2019-9021, CVE-2019-9022, CVE-2019-9023, CVE-2019-9024; SHA-256 | bb6f100c0cfb913e1e3fe016d99002b7a50d51a8a65b9ce07de097341cf78649; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 57 files
LiquidWorm 23 files
Debian 19 files
indoushka 15 files
Apple 9 files
Google Security Research 5 files
Gentoo 5 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2019-9024

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems