28 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-8874
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call...
SUSE CVE-2015-8874
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call...
Mageia: Security Advisory (MGASA-2016-0203)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : gd (EulerOS-SA-2019-1842)
According to the version of the gd package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder...
Stack-Based Buffer Overflow
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Out-Of-Bounds Read
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Denial Of Service (DoS) Through Memory Corruption
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Arbitrary Code Execution
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Arbitrary Code Execution
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Amazon Linux: Security Advisory (ALAS-2016-728)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)
This update for php53 to version 5.3.17 fixes the following issues : These security issues were fixed : - CVE-2016-5093: geticuvalueinternal out-of-bounds read bnc982010. - CVE-2016-5094: Don't create strings with lengths outside int range bnc982011. - CVE-2016-5095: Don't create strings with...
Medium: php55, php56
Issue Overview: A stack consumption vulnerability in GD in PHP allows remote attackers to cause a denial of service via a crafted imagefilltoborder call. CVE-2015-8874 An integer overflow, leading to a heap-based buffer overflow was found in the imagecreatefromgd2 function of PHP's gd extension. ...
Fedora 23 : gd (2016-d126bb1b74)
fix for stack overflow with gdImageFillToBorder CVE-2015-8874 - fix integer Overflow in gd2GetHeader CVE-2016-5766 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...
Fedora 24 : gd (2016-a4d48d6fd6)
Version 2.2.2 Security related fixes : - Integer Overflow in gdImagePaletteToTrueColor resulting in heap overflow CVE-2016-5767 - Stack overflow with gdImageFillToBorder CVE-2015-8874 - Integer Overflow in gd2GetHeader resulting in heap overflow CVE-2016-5766 - NULL pointer Dereference at...
PHP < 5.6.12 Multiple DoS Vulnerabilities - Linux
PHP is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if...
Internet Bug Bounty: CVE-2015-8874 Stack overflow with imagefilltoborder
Reported in 2014 https://bugs.php.net/bug.php?id=66387 A variation was rediscovered this year and reported to PHP and LIBGD: https://bugs.php.net/bug.php?id=72350 https://github.com/libgd/libgd/issues/215 Patches for both issues:...
SOL42454663 - PHP vulnerability CVE-2015-8874
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SUSE-SU-2016:1638-1 Security update for php53
This update for php53 to version 5.3.17 fixes the following issues: These security issues were fixed: - CVE-2016-5093: geticuvalueinternal out-of-bounds read bnc982010. - CVE-2016-5094: Don't create strings with lengths outside int range bnc982011. - CVE-2016-5095: Don't create strings with lengt...