409 matches found
[USN-2391-1] php5 vulnerabilities
========================================================================== Ubuntu Security Notice USN-2391-1 October 30, 2014 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
CentOS Update for php CESA-2014:1767 centos7
Check the version of php SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882073";...
Ubuntu 14.04 LTS : php5 vulnerabilities (USN-2391-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2391-1 advisory. Symeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime function. A remote attacker could possibly use this issue to cause PHP to crash,...
Oracle Linux 6 / 7 : php (ELSA-2014-1767)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1767 advisory. - fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710 - xmlrpc: fix out-of-bounds read flaw in mkgmtime CVE-2014-3668 - core: fix...
Oracle Linux 5 : php53 (ELSA-2014-1768)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1768 advisory. - fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710 - xmlrpc: fix out-of-bounds read flaw in mkgmtime CVE-2014-3668 - core: fix integ...
Important: Red Hat Security Advisory: php security update
Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
file: out-of-bounds read in elf note headers
An out-of-bounds read flaw was found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file...
file: unrestricted recursion in handling of indirect type rules
A denial of service flaw was found in the way the File Information fileinfo extension handled indirect rules. A remote attacker could use this flaw to cause a PHP application using fileinfo to crash or consume an excessive amount of CPU...
file: out-of-bounds access in search rules with offsets from input file
A denial of service flaw was found in the way the File Information fileinfo extension handled search rules. A remote attacker could use this flaw to cause a PHP application using fileinfo to crash or consume an excessive amount of CPU...
file: cdf_check_stream_offset insufficient boundary check
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: cdf_read_property_info insufficient boundary check
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: unrestricted regular expression matching
Multiple flaws were found in the File Information fileinfo extension regular expression rules for detecting various files. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to consume an excessive amount of CPU...
file: mconvert incorrect handling of truncated pascal string size
A buffer overflow flaw was found in the way the File Information fileinfo extension processed certain Pascal strings. A remote attacker able to make a PHP application using fileinfo convert a specially crafted Pascal string provided by an image file could cause that application to crash...
file: CDF property info parsing nelements infinite loop
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: cdf_count_chain insufficient boundary check
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: cdf_check_stream_offset insufficient boundary check
A denial of service flaw was found in the way the File Information fileinfo extension parsed certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: out-of-bounds read in elf note headers
An out-of-bounds read flaw was found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file...
Important: Red Hat Security Advisory: php53 security update
Updated php53 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available...
USN-2391-1: php5 vulnerabilities
Symeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime function. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. CVE-2014-3668 Symeon Paraschoudis discovered that PHP incorrectly handled unserializing objects. A remote...
USN-2391-1 php5 vulnerabilities
Symeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime function. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. CVE-2014-3668 Symeon Paraschoudis discovered that PHP incorrectly handled unserializing objects. A remote...