17 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-4116
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP before 5.5.27 and 5.6.x before 5.6.11 allows remote attackers to execu...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1865)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
USN-3045-1 PHP vulnerabilities | Cloud Foundry
USN-3045-1 PHP vulnerabilities Medium Vendor PHP Versions Affected Cloud Foundry PHP buildpack versions prior to 4.3.18 Note: The PHP buildpack is patched from upstream PHP source Description It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker...
PHP < 5.5.27, 5.6.x < 5.6.11 Arbitrary Code Execution Vulnerability (Aug 2016) - Linux
PHP is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if descripti...
SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)
This update for php53 to version 5.3.17 fixes the following issues : These security issues were fixed : - CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010). - CVE-2016-5094: Don't create strings with lengths outside int range (bnc#982011). - CVE-2016-5095: Don't create strings with...
Ubuntu: Security Advisory (USN-3045-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Ubuntu 14.04 LTS / 16.04 LTS : PHP vulnerabilities (USN-3045-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3045-1 advisory. It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker could use this issue to cause PHP to...
USN-3045-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2015-4116 ...
SOL76719230 - PHP vulnerability CVE-2015-4116
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SUSE-SU-2016:1638-1 Security update for php53
This update for php53 to version 5.3.17 fixes the following issues: These security issues were fixed: - CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010). - CVE-2016-5094: Don't create strings with lengths outside int range (bnc#982011). - CVE-2016-5095: Don't create strings with lengt...
SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1581-1)
This update for php53 fixes the following issues : - CVE-2016-5093: A get_icu_value_internal out-of-bounds read could crash the php interpreter (bsc#982010) - CVE-2016-5094,CVE-2016-5095: Don't allow creating strings with lengths outside int range, avoids overflows (bsc#982011, bsc#982012) - CVE-2016-5096: ...
openSUSE Security Update : php5 (openSUSE-2016-703)
This update for php5 fixes the following issues : - CVE-2013-7456: imagescale out-of-bounds read (bnc#982009). - CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010). - CVE-2016-5094: Don't create strings with lengths outside int range (bnc#982011). - CVE-2016-5095: Don't create strings with...
openSUSE Security Update : php5 (openSUSE-2016-696)
This update for php5 fixes the following issues : Security issues fixed : - CVE-2016-4346: heap overflow in ext/standard/string.c (bsc#977994) - CVE-2016-4342: heap corruption in tar/zip/phar parser (bsc#977991) - CVE-2016-4537, CVE-2016-4538: bcpowmod accepts negative scale causing heap buffer overflo...
CVE-2015-4116
Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP before 5.5.27 and 5.6.x before 5.6.11 allows remote attackers to execute arbitrary code by triggering a failed SplMinHeap::compare operation...
BELL-CVE-2015-4116 CVE-2015-4116 does not affect BellSoft software
Bulletin has no description...
CVE-2015-4116
The CVE-2015-4116 use-after-free in PHP’s ext/spl/spl_heap.c (spl_ptr_heap_insert) affects PHP versions before 5.5.27 and 5.6.x before 5.6.11. Triggering a failed SplMinHeap::compare can lead to remote code execution. Affected component: PHP SPL heap implementation. Root cause: use-after-free in ...
CVE-2015-4116
Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP before 5.5.27 and 5.6.x before 5.6.11 allows remote attackers to execute arbitrary code by triggering a failed SplMinHeap::compare operation...