45 matches found
K16021: PHP vulnerability CVE-2014-8142
Security Advisory Description Use-after-free vulnerability in the processnesteddata function in ext/standard/varunserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages imprope...
Slackware: Security Advisory (SSA:2014-356-02)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:0370-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...
Arbitrary Code Execution
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...
Buffer Overflow
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...
Use-After-Free
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...
Use-After-Free
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...
Memory Corruption
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php55 packages provide a recent stable release of PHP with the PEAR 1.9.4, memcache 3.0.8, and mongo 1.4.5 PECL extensions, and a number of additional utilities. The php55 packages have been upgraded to...
SUSE SLES12 Security Update : php5 (SUSE-SU-2015:0365-1)
php5 was updated to fix four security issues. These security issues were fixed : - CVE-2015-0231: Use-after-free vulnerability in the processnesteddata function in ext/standard/varunserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allowed remote attackers to execute...
Gentoo Security Advisory GLSA 201503-03
Gentoo Linux Local Security Checks GLSA 201503-03 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
[security bulletin] HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities
Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04774019 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04774019 Version: 1 HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple...
Scientific Linux Security Update : php on SL7.x x86_64 (20150623)
A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. CVE-2015-3330 A flaw was...
CentOS 7 : php (CESA-2015:1135)
Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...
Important: Red Hat Security Advisory: php security and bug fix update
Updated php packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...
php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142)
A use-after-free flaw was found in the way PHP's unserialize function processed data. If a remote attacker was able to pass crafted input to PHP's unserialize function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code...
PHP Core unserialize process nested data Use After Free - Ver2 (CVE-2014-8142)
A use-after-free vulnerability has been reported in PHP core. The vulnerability is due to a use after free error when handling serialized objects with identical keys within the unserialize function. An attacker could exploit this vulnerability by sending crafted serialized data to a web applicati...
PHP Core unserialize process nested data Use After Free - ver 2 (CVE-2014-8142; CVE-2015-0231)
A code execution vulnerability has been reported in PHP core. The vulnerability is due to a use after free error when handling serialized objects with identical number key names within the unserialize function. A remote attacker can exploit the vulnerability by sending crafted serialized data to ...
GLSA-201503-03 : PHP: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201503-03 PHP: Multiple vulnerabilities Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : A remote attacker can leverage these vulnerabilities to execute...
SuSE 11.3 Security Update : php53 (SAT Patch Number 10313)
PHP 5.3 was updated to fix three security issues : - Use-after-free vulnerability allowed remote attackers to execute arbitrary code via a crafted unserialize call that leveraged improper handling of duplicate keys within the serialized properties of an object. bnc910659. CVE-2014-8142 -...