Vulnerability & Exploit Database

Displaying entries 1 - 10 of 13 in total

Results for: CVE-2012-3587 Back to search

SUSE: CVE-2016-3587: SUSE Linux Security Advisory Vulnerability

  • Severity: 9
  • Published: July 21, 2016

Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.

CentOS: (CVE-2016-3587) CESA-2016:1458: java-1.8.0-openjdk Vulnerability

  • Severity: 9
  • Published: July 20, 2016

Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.

ELSA-2015-1135 Important: Oracle Linux php security and bug fix update Vulnerability

  • Severity: 8
  • Published: June 09, 2015

The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue.

ELSA-2014-1327 Moderate: Oracle Linux php security update Vulnerability

  • Severity: 7
  • Published: August 22, 2014

Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issu...

ELSA-2014-1326 Moderate: Oracle Linux php53 and php security update Vulnerability

  • Severity: 7
  • Published: August 22, 2014

Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issu...

Amazon Linux AMI: Security patch for php55 (ALAS-2014-415) (multiple CVEs) Vulnerability

  • Severity: 6
  • Published: August 22, 2014

gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) i...