SUSE CVE-2016-1903

The gdImageRotateInterpolated function in ext/gd/libgd/gdinterpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service out-of-bounds read and application crash via a large bgdcolor argument to t...

SUSE: Security Advisory (SUSE-SU-2016:0284-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS) Through Memory Corruption

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

Stack-Based Buffer Overflow

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

Out-Of-Bounds Read

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

Arbitrary Code Execution

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

SUSE SLES12 Security Update : php5 (SUSE-SU-2016:0284-1)

This update for php5 fixes the following issues : - CVE-2015-7803: Specially crafted .phar files with a crafted TAR archive entry allowed remote attackers to cause a Denial of Service DoS bsc949961 - CVE-2016-1903: Specially crafted image files could could allow remote attackers read unspecified...

USN-2952-1: PHP vulnerabilities

It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories. CVE-2014-9767 It was discovered that the PHP Soap client incorrectly validated data types. A remote...

SOL59722044 - PHP vulnerabilities CVE-2016-1903 and CVE-2016-1904

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

openSUSE Security Update : php5 (openSUSE-2016-157)

This update for php5 fixes the following issues : - CVE-2015-7803: Specially crafted .phar files with a crafted TAR archive entry allowed remote attackers to cause a Denial of Service DoS bsc949961 - CVE-2016-1903: Specially crafted image files could could allow remote attackers read unspecified...

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/php-5.6.17-i486-1slack14.1.txz: Upgraded. This release fixes bugs and security issues. IMPORTANT: READ BELOW ABOUT POTENTIALLY...

openSUSE Security Update : php5 (openSUSE-2016-100)

This update for php5 fixes the following issues : - CVE-2015-7803: Specially crafted .phar files with a crafted TAR archive entry allowed remote attackers to cause a Denial of Service DoS bsc949961 - CVE-2015-7804: Specially crafted .phar files with a crafted ZIP archive entry referencing a file...

php: Security update (CVE-2016-1903)

The php package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to a reported security issue. VERSION 5.6.16-1 = 5.6.17-1 CHANGELOG Sun, 24 Jan 2016 21:47:52 +0100 18d121b Update to 5.6.17 Fixes CVE-2016-1903. CHANGES lang/php5/Makefile | 6 +++--- 1 file changed, 3...

php: Security update (7 CVEs)

The php package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to multiple security issues. VERSION 5.6.8-1 = 5.6.17-1 CHANGELOG Sun, 24 Jan 2016 21:47:52 +0100 18d121b Update to 5.6.17 Fixes CVE-2016-1903. Wed, 23 Dec 2015 16:00:14 -0500 766cfcc Update to 5.6.16 Wed, ...

CVE-2016-1903

The gdImageRotateInterpolated function in ext/gd/libgd/gdinterpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service out-of-bounds read and application crash via a large bgdcolor argument to t...

CVE-2016-1903

CVE-2016-1903 affects PHP’s gdImageRotateInterpolated in ext/gd/libgd/gd_interpolation.c. Affected are PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2. A large bgd_color argument to imagerotate allows remote attackers to perform an out-of-bounds read, potentially disclosing memory co...

Mageia: Security Advisory (MGASA-2016-0024)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...