EUVD-2016-4184

Malicious code in bioql PyPI...

K40496533: PHP vulnerability CVE-2016-3132

Security Advisory Description Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spldllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index. CVE-2016-3132 Impact There is no impact; F5 products are not affected by thi...

SUSE CVE-2015-6831

Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving 1 ArrayObject, 2 SplObjectStorage, and 3 SplDoublyLinkedList, which are mishandled during unserialization...

SUSE CVE-2015-6834

Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to 1 the Serializable interface, 2 the SplObjectStorage class, and 3 the SplDoublyLinkedList class, which are mishandled...

PHP 7.x < 7.0.6 Arbitrary Code Execution Vulnerability (Aug 2016) - Linux

PHP is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if descripti...

PHP 7.x < 7.0.6 Arbitrary Code Execution Vulnerability (Aug 2016) - Windows

PHP is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if descripti...

CVE-2016-3132

Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spldllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index...

Double free

Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spldllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index...

CVE-2016-3132

Removed by vendor...

CVE-2016-3132

Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spldllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index...

CVE-2016-3132

CVE-2016-3132: A double free vulnerability in PHP’s SplDoublyLinkedList::offsetSet (ext/spl/spl_dllist.c) affects PHP 7.x prior to 7.0.6. Exploitation via a crafted index allows remote code execution. The affected software is PHP 7.x before 7.0.6; the root cause is the double free in the offsetSe...

PHP interpreter vulnerabilities that allow attackers to execute arbitrary code

Multiple vulnerabilities in the PHP interpreter are related to the use of memory after it is freed. Exploiting these vulnerabilities allows a remote attacker to execute arbitrary code by interacting with the Serializable interface, the SplObjectStorage class, and the SplDoublyLinkedList class...

PHP Denial of Service Vulnerability (CNVD-2016-03618)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

Ubuntu: Security Advisory (USN-2984-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2984-1: PHP vulnerabilities

It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2015-8865 Hans Jerry Illikainen...

Design/Logic Flaw

Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to 1 the Serializable interface, 2 the SplObjectStorage class, and 3 the SplDoublyLinkedList class, which are mishandled...

CVE-2015-6834

Summary: CVE-2015-6834 (and related CVEs 2015-6835, 2015-6836, 2015-6837/6838) are PHP unserialize-related use-after-free and type-confusion vulnerabilities. They affect PHP priors to 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, enabling remote code execution via crafted serialized data ...

CVE-2016-3132

Double free vulnerability in the SplDoublyLinkedList::offsetSet function in ext/spl/spldllist.c in PHP 7.x before 7.0.6 allows remote attackers to execute arbitrary code via a crafted index...

PHP SPL Deserialization Memory Misreference Vulnerability

PHP is a general-purpose scripting language that can be embedded in HTML. A memory misreference vulnerability in the PHP SPL deserialization implementation allows attackers to exploit special ArrayObject, SplObjectStorage, SplDoublyLinkedList related vectors to execute arbitrary code...

UBUNTU-CVE-2015-6834

Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to 1 the Serializable interface, 2 the SplObjectStorage class, and 3 the SplDoublyLinkedList class, which are mishandled...