39 matches found
Improper Input Validation
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interprete...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...
file: multiple denial of service issues (resource consumption)
Multiple flaws were found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to consume an excessive amount of system resources...
file: limit the number of ELF notes processed
A flaw was found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file...
file: malformed elf file causes access to uninitialized memory
A flaw was found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use this flaw to cause a PHP application using fileinfo to crash or disclose certain portions of server memory...
file: cdf_check_stream_offset insufficient boundary check
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: multiple denial of service issues (resource consumption)
Multiple flaws were found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to consume an excessive amount of system resources...
file: cdf_count_chain insufficient boundary check
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: cdf_unpack_summary_info() excessive looping DoS
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: incomplete fix for CVE-2012-1571 in cdf_read_property_info
It was found that the fix for CVE-2012-1571 was incomplete; the File Information fileinfo extension did not correctly parse certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
Moderate: Red Hat Security Advisory: php55 security and bug fix update
Updated php55 collection packages that fix multiple security issues and several bugs are now available as part of Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
CentOS 5 : php53 (CESA-2014:1768)
Updated php53 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...
file: cdf_read_short_sector insufficient boundary check
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: incomplete fix for CVE-2012-1571 in cdf_read_property_info
It was found that the fix for CVE-2012-1571 was incomplete; the File Information fileinfo extension did not correctly parse certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: out-of-bounds read in elf note headers
An out-of-bounds read flaw was found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file...
file: extensive backtracking in awk rule regular expression
A denial of service flaw was found in the File Information fileinfo extension rules for detecting AWK files. A remote attacker could use this flaw to cause a PHP application using fileinfo to consume an excessive amount of CPU...
file: cdf_count_chain insufficient boundary check
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: cdf_unpack_summary_info() excessive looping DoS
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: cdf_read_short_sector insufficient boundary check
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: CDF property info parsing nelements infinite loop
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...