20 matches found
Debian: Security Advisory (DLA-341-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:1145-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:0284-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrar...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrar...
Use-After-Free
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize function could cause a PHP application to crash or, possibly, execute arbitrar...
SUSE SLES12 Security Update : php5 (SUSE-SU-2016:0284-1)
This update for php5 fixes the following issues : - CVE-2015-7803: Specially crafted .phar files with a crafted TAR archive entry allowed remote attackers to cause a Denial of Service DoS bsc949961 - CVE-2016-1903: Specially crafted image files could could allow remote attackers read unspecified...
SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1581-1)
This update for php53 fixes the following issues : - CVE-2016-5093: A geticuvalueinternal out-of-bounds read could crash the php interpreter bsc982010 - CVE-2016-5094,CVE-2016-5095: Don't allow creating strings with lengths outside int range, avoids overflows bsc982011,bsc982012 - CVE-2016-5096: ...
SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1145-1)
This update for php53 fixes the following issues : - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM bnc973792. - CVE-2015-8835: SoapClient scall method suffered from a type confusion issue that could have lead to crashes bsc973351 - CVE-2016-2554: A NULL pointer dereference in phargetfpoffset...
openSUSE Security Update : php5 (openSUSE-2016-157)
This update for php5 fixes the following issues : - CVE-2015-7803: Specially crafted .phar files with a crafted TAR archive entry allowed remote attackers to cause a Denial of Service DoS bsc949961 - CVE-2016-1903: Specially crafted image files could could allow remote attackers read unspecified...
[slackware-security] php
New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/php-5.6.17-i486-1slack14.1.txz: Upgraded. This release fixes bugs and security issues. IMPORTANT: READ BELOW ABOUT POTENTIALLY...
openSUSE Security Update : php5 (openSUSE-2016-100)
This update for php5 fixes the following issues : - CVE-2015-7803: Specially crafted .phar files with a crafted TAR archive entry allowed remote attackers to cause a Denial of Service DoS bsc949961 - CVE-2015-7804: Specially crafted .phar files with a crafted ZIP archive entry referencing a file...
CVE-2015-7803
CVE-2015-7803 affects PHP's Phar handling: the phar_get_entry_data function in ext/phar/util.c can trigger a NULL pointer dereference and crash the app when a .phar TAR entry references a non-existent file. This denial-of-service condition affects PHP versions before 5.5.30 and 5.6.x before 5.6.1...
[USN-2786-1] PHP vulnerabilities
========================================================================== Ubuntu Security Notice USN-2786-1 October 28, 2015 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
SOL17503 - PHP vulnerabilities CVE-2015-7803 and CVE-2015-7804
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
Ubuntu 14.04 LTS : PHP vulnerabilities (USN-2786-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2786-1 advisory. It was discovered that the PHP phar extension incorrectly handled certain files. A remote attacker could use this issue to cause PHP to crash, resulting ...
USN-2786-1: PHP vulnerabilities
It was discovered that the PHP phar extension incorrectly handled certain files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. CVE-2015-7803, CVE-2015-7804...
Medium: php55
Issue Overview: As reported upstream https://bugs.php.net/bug.php?id=69720, A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. CVE-2015-7803 A flaw was discovered in the way PHP performed object...
PHP 5.6.x < 5.6.14 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.14. It is, therefore, affected by multiple vulnerabilities : - A NULL pointer dereference flaw exists in the phargetfpoffset function in ext/phar/util.c that is triggered when pointing to a...
PHP 5.5.x < 5.5.30 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.5.x prior to 5.5.30. It is, therefore, affected by the following vulnerabilities : - A NULL pointer dereference flaw exists in the phargetfpoffset function in ext/phar/util.c that is triggered when pointing to a...