96 matches found
RHEL 5 / 6 : php53 and php (RHSA-2014:1326)
Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...
[slackware-security] php
New php packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/php-5.4.32-i486-1slack14.1.txz: Upgraded. This update fixes bugs and security issues. For more information, see...
openSUSE Security Update : php5 (openSUSE-2014-471)
php5 was updated to fix security issues : CVE-2014-4670: Use-after-free vulnerability in ext/spl/spldllist.c in the SPL component in PHP allowed context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in...
PHP 5.5.x < 5.5.15 Multiple Vulnerabilities
According to its banner, the version of PHP 5.5.x in use on the remote web server is a version prior to 5.5.15. It is, therefore, affected by the following vulnerabilities : - A use-after-free error exists in the file 'ext/spl/spldllist.c' related to the Standard PHP Library SPL. Using a speciall...
Ubuntu: Security Advisory (USN-2276-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[USN-2276-1] PHP vulnerabilities
========================================================================== Ubuntu Security Notice USN-2276-1 July 09, 2014 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
CVE-2014-4698
CVE-2014-4698 describes a use-after-free in the SPL component of PHP (ext/spl/spl_array.c) affecting PHP up to version 5.5.14. The vulnerability can allow a context-dependent attacker to cause a denial of service or possibly have unspecified other impact through crafted ArrayIterator usage in app...
KLA10290 DoS vulnerability in PHP
A use-after-free vulnerability was found in PHP. By exploiting this vulnerability malicious users can cause denial of service or cause other unspecified impact. This vulnerability can be exploited locally at a point related to SPL. Original advisories PHP bugtracker Related products PHP CVE list...
USN-2276-1: PHP vulnerabilities
Francisco Alonso discovered that the PHP Fileinfo component incorrectly handled certain CDF documents. A remote attacker could use this issue to cause PHP to hang or crash, resulting in a denial of service. CVE-2014-0207, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487 Stefan Esser...
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)
php5 was updated to fix several security issues. CVE-2010-3709, CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698, CVE-2010-4699, CVE-2010-4700, CVE-2011-0752, CVE-2011-0753, CVE-2011-0755,CVE-2011-0708, CVE-2011-0420 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...
CVE-2013-4698
Cybozu Mailwise 5.0.4 and 5.0.5 are affected by an information-disclosure vulnerability where remote authenticated users can view contents of other emails by reading Subject header lines in their own mailbox. Root cause: improper handling of Subject headers enables cross-email visibility in oppor...
PHP < 5.3.4 Multiple Vulnerabilities
PHP is prone to multiple vulnerabilities. Copyright C 2012 NopSec Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or...
PHP 5.2 < 5.2.15 Multiple Vulnerabilities
PHP is prone to multiple vulnerabilities. Copyright C 2012 NopSec Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or...
CVE-2011-4698
The CVE-2011-4698 entry concerns the AndroidAppTools Easy Filter (com.phoneblocker.android) app versions 1.1 and 1.2 on Android. The described issue is improper data protection that enables a remote attacker to read or modify SMS messages and call records via a crafted application. No remediation...
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7393)
PHP5 was updated to fix several security issues. CVE-2010-4150 / CVE-2010-4645 / CVE-2010-4697 / CVE-2010-4698 / CVE-2010-4699 / CVE-2011-0708 / CVE-2011-0752 / CVE-2011-0753 / CVE-2011-0755 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
SuSE 11.1 Security Update : Sun/Oracle Java (SAT Patch Number 4698)
Oracle Java 6 Update 26 fixes several security vulnerabilities. Please refer to Oracle's site for further information: http://www.oracle.com/technetwork/topics/security/javacpujune2011-3133 39.html %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 / 11.04 : php5 vulnerabilities (USN-1126-1)
Stephane Chazelas discovered that the /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. CVE-2011-0441 Raphael Geisert and Dan Rosenberg discovered that the PEAR installer allows local users to overwrite...
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 / 11.04 : php5 regressions (USN-1126-2)
USN 1126-1 fixed several vulnerabilities in PHP. The fix for CVE-2010-4697 introduced an incorrect reference counting regression in the Zend engine that caused the PHP interpreter to segfault. This regression affects Ubuntu 6.06 LTS and Ubuntu 8.04 LTS. The fixes for CVE-2011-1072 and CVE-2011-11...
USN-1126-2: PHP Regressions
USN 1126-1 fixed several vulnerabilities in PHP. The fix for CVE-2010-4697 introduced an incorrect reference counting regression in the Zend engine that caused the PHP interpreter to segfault. This regression affects Ubuntu 6.06 LTS and Ubuntu 8.04 LTS. The fixes for CVE-2011-1072 and CVE-2011-11...
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0276-1)
php5 was updated to fix several security issues. CVE-2010-3709, CVE-2010-4150, CVE-2010-4645, CVE-2010-4697, CVE-2010-4698, CVE-2010-4699, CVE-2010-4700, CVE-2011-0752, CVE-2011-0753, CVE-2011-0755,CVE-2011-0708, CVE-2011-0420 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...