FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  351364
Date:      2014-04-15
Time:      20:21:44Z
Committer: swills

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
59e7163c-cf84-11e2-907b-0025905a4770php5 -- Heap based buffer overflow in quoted_printable_encode

The PHP development team reports:

A Heap-based buffer overflow flaw was found in the php quoted_printable_encode() function. A remote attacker could use this flaw to cause php to crash or execute arbirary code with the permission of the user running php


Discovery 2013-06-06
Entry 2013-06-07
php5
lt 5.4.16

php53
lt 5.3.26

CVE-2013-2110
https://bugzilla.redhat.com/show_bug.cgi?id=964969
5def3175-f3f9-4476-ba40-b46627cc638cPHP5 -- Integer overflow in Calendar module

The PHP development team reports:

Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function.


Discovery 2013-05-22
Entry 2013-07-16
php5
ge 5.4.0 lt 5.4.16

php53
lt 5.3.26

CVE-2013-4635
https://bugs.php.net/bug.php?id=64895
31b145f2-d9d3-49a9-8023-11cf742205dcPHP5 -- Heap corruption in XML parser

The PHP development team reports:

ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted document that is processed by the xml_parse_into_struct function.


Discovery 2013-07-10
Entry 2013-07-16
php53
lt 5.3.27

CVE-2013-4113
https://bugs.php.net/bug.php?id=65236