CVE-2010-1467
published 2010-04-16
CVE-2010-1467: Multiple PHP remote file inclusion vulnerabilities in openUrgence Vaccin 1.03 allow remote attackers to execute arbitrary PHP code via a URL in the path_om…
Priority P345 · high · 7.5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 2.25% (80.7th percentile)
Multiple PHP remote file inclusion vulnerabilities in openUrgence Vaccin 1.03 allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) collectivite.class.php, (2) injection.class.php, (3) utilisateur.class.php, (4) droit.class.php, (5) laboratoire.class.php, (6) vaccin.class.php, (7) effetsecondaire.class.php, (8) medecin.class.php, (9) individu.class.php, and (10) profil.class.php in gen/obj/.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| francois_raynaud | openurgence_vaccin | — | — |
CVSS provenance
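| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| vendor_redhat | — | 5.0 | MEDIUM | — |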
GHSA
GHSA-73cg-6jpw-45j6: Multiple PHP remote file inclusion vulnerabilities in openUrgence Vaccin 1
ghsa_unreviewed·2022-05-02
CVE-2010-1467 [HIGH] CWE-94 GHSA-73cg-6jpw-45j6: Multiple PHP remote file inclusion vulnerabilities in openUrgence Vaccin 1
Multiple PHP remote file inclusion vulnerabilities in openUrgence Vaccin 1.03 allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) collectivite.class.php, (2) injection.class.php, (3) utilisateur.class.php, (4) droit.class.php, (5) laboratoire.class.php, (6) vaccin.class.php, (7) effetsecondaire.class.php, (8) medecin.class.php, (9) individu.class.php, and (10) profil.class.php in gen/obj/.
Red Hat
php: NumberFormatter: set a symbol value crash (DoS) on bogus values
vendor_redhat·2010-12-07·CVSS 5.0
CVE-2011-1467 [MEDIUM] php: NumberFormatter: set a symbol value crash (DoS) on bogus values
Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument, a related issue to CVE-2010-4409.
Statement: This issue did not affect the versions of PHP as shipped with Red Hat Enterprise Linux 4 and 5. The getSymbol() and setSymbol() functions are unlikely to ever receive untrusted input as an $attr argument, and it is even less likely that they would receive such input when only a small set of pre-defined constants is expected. As a result, this flaw can only be triggered by the script author and cannot be used to cross trust boundaries. T
No detection rules found.
Bugzilla
CVE-2011-1467 php: NumberFormatter: set a symbol value crash (DoS) on bogus values
bugzilla·2011-03-25·CVSS 5.0
CVE-2011-1467 [MEDIUM] CVE-2011-1467 php: NumberFormatter: set a symbol value crash (DoS) on bogus values
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-1467 to
the following vulnerability:
Unspecified vulnerability in the NumberFormatter::setSymbol (aka
numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6
allows context-dependent attackers to cause a denial of service
(application crash) via an invalid argument, a related issue to
CVE-2010-4409.
References:
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1467
[2] http://bugs.php.net/bug.php?id=53512
[3] http://www.php.net/ChangeLog-5.php
Upstream patch:
[4] http://svn.php.net/viewvc/?view=revision&revision=306154
[5] http://svn.php.net/viewvc/?view=revision&revision=306157
(test case)
Discussion:
Public Po
Bugzilla
CVE-2010-2074 w3m: doesn't handle NULL in Common Name properly
bugzilla·2010-06-16·CVSS 5.9
CVE-2010-2074 [MEDIUM] CVE-2010-2074 w3m: doesn't handle NULL in Common Name properly
Common Vulnerabilities and Exposures assigned an identifier CVE-2010-2074 to
the following vulnerability:
Name: CVE-2010-2074
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2074
Assigned: 20100525
Reference: MLIST:[oss-security] 20100614 CVE Request: w3m does not check null bytes CN/subjAltName
Reference: URL: http://www.openwall.com/lists/oss-security/2010/06/14/4
Reference: BID:40837
Reference: URL: http://www.securityfocus.com/bid/40837
Reference: SECUNIA:40134
Reference: URL: http://secunia.com/advisories/40134
Reference: VUPEN:ADV-2010-1467
Reference: URL: http://www.vupen.com/english/advisories/2010/1467
istream.c in w3m 0.5.2 and possibly other versions, when
ssl_verify_server is enabled, does not properl
http://secunia.com/advisories/39400
http://www.exploit-db.com/exploits/12193
http://www.securityfocus.com/bid/39412
https://exchange.xforce.ibmcloud.com/vulnerabilities/57815