Lucene search
OracleLinuxELSA-2018-0406HistoryMar 07, 2018 - 12:00 a.m.
php security update
2018-03-0700:00:00
linux.oracle.com
12
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.298 Low
EPSS
Percentile
96.4%
[5.4.16-43.1]
- gd: fix buffer over-read into uninitialized memory CVE-2017-7890
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | php | < 5.4.16-43.el7_4.1 | php-5.4.16-43.el7_4.1.src.rpm |
| oracle linux | 7 | x86_64 | php | < 5.4.16-43.el7_4.1 | php-5.4.16-43.el7_4.1.x86_64.rpm |
| oracle linux | 7 | x86_64 | php-bcmath | < 5.4.16-43.el7_4.1 | php-bcmath-5.4.16-43.el7_4.1.x86_64.rpm |
| oracle linux | 7 | x86_64 | php-cli | < 5.4.16-43.el7_4.1 | php-cli-5.4.16-43.el7_4.1.x86_64.rpm |
| oracle linux | 7 | x86_64 | php-common | < 5.4.16-43.el7_4.1 | php-common-5.4.16-43.el7_4.1.x86_64.rpm |
| oracle linux | 7 | x86_64 | php-dba | < 5.4.16-43.el7_4.1 | php-dba-5.4.16-43.el7_4.1.x86_64.rpm |
| oracle linux | 7 | x86_64 | php-devel | < 5.4.16-43.el7_4.1 | php-devel-5.4.16-43.el7_4.1.x86_64.rpm |
| oracle linux | 7 | x86_64 | php-embedded | < 5.4.16-43.el7_4.1 | php-embedded-5.4.16-43.el7_4.1.x86_64.rpm |
| oracle linux | 7 | x86_64 | php-enchant | < 5.4.16-43.el7_4.1 | php-enchant-5.4.16-43.el7_4.1.x86_64.rpm |
| oracle linux | 7 | x86_64 | php-fpm | < 5.4.16-43.el7_4.1 | php-fpm-5.4.16-43.el7_4.1.x86_64.rpm |
Related
checkpoint_advisories
checkpoint_advisories
PHP gdImageCreateFromGifCtx Out of Bounds Read (CVE-2017-7890)
2017-08-10 00:00:00
debiancve
debiancve
CVE-2017-7890
2017-08-02 19:29:00
openvas
openvas
Ubuntu: Security Advisory (USN-3389-1)
2018-10-26 00:00:00
CentOS Update for php CESA-2018:0406 centos7
2018-03-14 00:00:00
Ubuntu: Security Advisory (USN-3389-2)
2022-08-26 00:00:00
nessus
nessus
EulerOS Virtualization 2.5.0 : php (EulerOS-SA-2018-1249)
2018-09-18 00:00:00
Scientific Linux Security Update : php on SL7.x x86_64 (20180306)
2018-03-08 00:00:00
Debian DLA-1055-1 : libgd2 security update
2017-08-14 00:00:00
centos
centos
php security update
2018-03-10 01:07:54
ubuntu
ubuntu
GD vulnerability
2017-08-14 00:00:00
GD vulnerability
2017-08-14 00:00:00
ubuntucve
ubuntucve
CVE-2017-7890
2017-08-02 00:00:00
osv
osv
CVE-2017-7890
2017-08-02 19:29:00
libgd2 - security update
2017-08-12 00:00:00
libgd2 - security update
2017-08-12 00:00:00
veracode
veracode
Information Disclosure
2019-05-16 02:59:59
Use After Free
2019-05-16 02:59:58
cve
cve
CVE-2017-7890
2017-08-02 19:29:00
freebsd
freebsd
php-gd and gd -- Buffer over-read into uninitialized memory
2017-08-02 00:00:00
alpinelinux
alpinelinux
CVE-2017-7890
2017-08-02 19:29:00
debian
debian
[SECURITY] [DSA 3938-1] libgd2 security update
2017-08-12 12:37:19
[SECURITY] [DLA 1055-1] libgd2 security update
2017-08-12 21:36:16
[SECURITY] [DSA 3938-1] libgd2 security update
2017-08-12 12:37:19
prion
prion
Information disclosure
2017-08-02 19:29:00
ibm
ibm
Security Bulletin: A vulnerability in PHP affects PowerKVM
2018-06-18 01:42:20
redhatcve
redhatcve
CVE-2017-7890
2017-07-21 19:18:29
redhat
redhat
(RHSA-2018:0406) Moderate: php security update
2018-03-06 18:36:35
f5
f5
PHP vulnerabilities CVE-2017-9226 and CVE-2017-7890
2017-08-08 00:03:00
K01709026 : PHP vulnerabilities CVE-2017-7890 and CVE-2017-9226
2017-08-07 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: gd-2.2.5-1.fc27
2017-09-30 07:21:04
[SECURITY] Fedora 25 Update: gd-2.2.5-1.fc25
2017-09-06 20:52:42
[SECURITY] Fedora 26 Update: gd-2.2.5-1.fc26
2017-09-02 22:27:10
slackware
slackware
[slackware-security] gd
2018-04-19 01:44:39
mageia
mageia
Updated php and libgd packages fix security vulnerabilities
2017-08-08 01:16:24
amazon
amazon
Medium: php70
2017-08-03 20:38:00
suse
suse
Security update for php7 (important)
2017-09-04 12:07:53
Security update for php7 (important)
2017-08-30 19:30:52
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.298 Low
EPSS
Percentile
96.4%
Related for ELSA-2018-0406