14 matches found
K08206127: PHP vulnerability CVE-2016-4072
Security Advisory Description The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 characters by the pharanalyzepath function in ext/phar/phar.c...
Stack-Based Buffer Overflow
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Out-Of-Bounds Read
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Denial Of Service (DoS) Through Memory Corruption
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Arbitrary Code Execution
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
Security Bulletin: Multiple vulnerabilities in PHP and memcached libraries affect IBM Tealeaf Customer Experience
Summary The IBM Tealeaf Customer Experience PCA component uses versions of PHP and memcached with reported security issues. Vulnerability Details CVEID: CVE-2013-0179 DESCRIPTION: memcached is vulnerable to a denial of service, caused by an error in the processbindelete function within memcached....
SOL08206127 - PHP vulnerability CVE-2016-4072
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
[SECURITY] [DLA 499-1] php5 security update
Package : php5 Version : 5.4.45-0+deb7u3 CVE ID : CVE-2015-8865 CVE-2015-8866 CVE-2015-8878 CVE-2015-8879 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4073 CVE-2016-4343 CVE-2016-4537 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-4544 CVE-2015-8865 The...
CVE-2016-4072
CVE-2016-4072 affects the PHP Phar extension. Vulnerable in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5. The root cause is mishandling of NULL characters by phar_analyze_path in ext/phar/phar.c, which allows a remote attacker to execute arbitrary code via a crafted filename. Expl...
Amazon Linux AMI : php56 / php55 (ALAS-2016-698)
The following security-related issues were resolved : Buffer over-write in finfoopen with malformed magic file CVE-2015-8865 Signedness vulnerability causing heap overflow in libgd CVE-2016-3074 Integer overflow in phprawurlencode CVE-2016-4070 Format string vulnerability in phpsnmperror...
Important: php56, php55
Issue Overview: The following security-related issues were resolved: Buffer over-write in finfoopen with malformed magic file CVE-2015-8865 Signedness vulnerability causing heap overflow in libgd CVE-2016-3074 Integer overflow in phprawurlencode CVE-2016-4070 Format string vulnerability in...
Debian DSA-3560-1 : php5 - security update
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.20, which includes additional bug fixes. Please refer to the upstream changelog for mor...