Ubuntu 14.04 LTS : PHP vulnerabilities (USN-2952-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2952-1 advisory. It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this...

USN-2952-1: PHP vulnerabilities

It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories. CVE-2014-9767 It was discovered that the PHP Soap client incorrectly validated data types. A remote...

Fedora 22 : php-5.6.20-1.fc22 (2016-9282d83bee)

31 Mar 2016, PHP 5.6.20 CLI Server: Fixed bug php69953 Support MKCALENDAR request method. Christoph Core: Fixed bug php71596 Segmentation fault on ZTS with date function setlocale. Anatol Curl: - Fixed bug php71694 Support constant CURLMADDEDALREADY. mpyw Date: - Fixed bug php71635...

Fedora 23 : php-5.6.20-1.fc23 (2016-1cf1b49047)

31 Mar 2016, PHP 5.6.20 CLI Server: Fixed bug php69953 Support MKCALENDAR request method. Christoph Core: Fixed bug php71596 Segmentation fault on ZTS with date function setlocale. Anatol Curl: - Fixed bug php71694 Support constant CURLMADDEDALREADY. mpyw Date: - Fixed bug php71635...

Fedora 24 : php-5.6.20-1.fc24 (2016-ace6f06a4d)

31 Mar 2016, PHP 5.6.20 CLI Server: Fixed bug php69953 Support MKCALENDAR request method. Christoph Core: Fixed bug php71596 Segmentation fault on ZTS with date function setlocale. Anatol Curl: - Fixed bug php71694 Support constant CURLMADDEDALREADY. mpyw Date: - Fixed bug php71635...

FreeBSD : php -- multiple vulnerabilities (482d40cb-f9a3-11e5-92ce-002590263bf5)

The PHP Group reports : - Fileinfo : - Fixed bug 71527 Buffer over-write in finfoopen with malformed magic file. - mbstring : - Fixed bug 71906 AddressSanitizer: negative-size-param -1 in mbflstrcut. - Phar : - Fixed bug 71860 Invalid memory write in phar on filename with \0 in name. - SNMP : -...

php -- multiple vulnerabilities

The PHP Group reports: Fileinfo: Fixed bug 71527 Buffer over-write in finfoopen with malformed magic file. mbstring: Fixed bug 71906 AddressSanitizer: negative-size-param -1 in mbflstrcut. Phar: Fixed bug 71860 Invalid memory write in phar on filename with \0 in name. SNMP: Fixed bug 71704...

Fedora 22 : php-5.6.19-1.fc22 (2016-baa32758d0)

03 Mar 2016, PHP 5.6.19 CLI server: Fixed bug php71559 Built-in HTTP server, we can download file in web by bug. Johannes, Anatol CURL: - Fixed bug php71523 Copied handle with new option CURLOPTHTTPHEADER crashes while curlmultiexec. Laruence Date: Fixed bug php68078 Datetime comparisons ignore...

Fedora 23 : php-5.6.19-1.fc23 (2016-c0853ea24e)

03 Mar 2016, PHP 5.6.19 CLI server: Fixed bug php71559 Built-in HTTP server, we can download file in web by bug. Johannes, Anatol CURL: - Fixed bug php71523 Copied handle with new option CURLOPTHTTPHEADER crashes while curlmultiexec. Laruence Date: Fixed bug php68078 Datetime comparisons ignore...

CVE-2015-8865

The filecheckmem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service buffer overflow and application...

UBUNTU-CVE-2015-8865

The filecheckmem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service buffer overflow and application...

file: mconvert incorrect handling of truncated pascal string size

A buffer overflow flaw was found in the way the File Information fileinfo extension processed certain Pascal strings. A remote attacker able to make a PHP application using fileinfo convert a specially crafted Pascal string provided by an image file could cause that application to crash...

file: unrestricted regular expression matching

Multiple flaws were found in the File Information fileinfo extension regular expression rules for detecting various files. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to consume an excessive amount of CPU...

file: denial of service issue (resource consumption)

A flaw was found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use this flaw to cause a PHP application using fileinfo to consume an excessive amount of system resources...

file: malformed elf file causes access to uninitialized memory

A flaw was found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use this flaw to cause a PHP application using fileinfo to crash or disclose certain portions of server memory...

file: cdf_read_property_info insufficient boundary check

A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...

file: cdf_read_short_sector insufficient boundary check

A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...

file: CDF property info parsing nelements infinite loop

A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...

file: out-of-bounds read in elf note headers

An out-of-bounds read flaw was found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file...

F5 BIG-IP - Multiple PHP CDF vulnerabilities CVE-2014-0237 and CVE-2014-0238

The remote host is missing a security patch. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/h:f5:big-ip"; if description...