21 matches found

Tenable Nessus
added 2025/03/04 12:0 a.m. | 23 views

Linux Distros Unpatched Vulnerability : CVE-2016-4539

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of...

9.8 CVSS | 8.2 AI score | 0.06229 EPSS
Exploits: 1 | References: 2
OpenVAS
added 2020/01/23 12:0 a.m. | 52 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-2221)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10 CVSS | 8.2 AI score | 0.35438 EPSS
Exploits: 15 | References: 2
Veracode
added 2019/05/02 6:2 a.m. | 58 views

Stack-Based Buffer Overflow

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...

9.8 CVSS | 9 AI score | 0.36974 EPSS
Exploits: 78 | References: 17 | Affected Software: 3
Veracode
added 2019/05/02 6:2 a.m. | 48 views

Denial Of Service (DoS) Through Memory Corruption

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...

9.8 CVSS | 9 AI score | 0.36974 EPSS
Exploits: 78 | References: 16 | Affected Software: 3
Veracode
added 2019/05/02 6:2 a.m. | 51 views

Out-Of-Bounds Read

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...

9.8 CVSS | 9 AI score | 0.36974 EPSS
Exploits: 78 | References: 16 | Affected Software: 3
Veracode
added 2019/05/02 6:2 a.m. | 56 views

Arbitrary Code Execution

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...

9.8 CVSS | 9 AI score | 0.36974 EPSS
Exploits: 78 | References: 15 | Affected Software: 3
Veracode
added 2019/05/02 6:2 a.m. | 54 views

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...

9.8 CVSS | 9 AI score | 0.36974 EPSS
Exploits: 78 | References: 19 | Affected Software: 3
Veracode
added 2019/05/02 6:2 a.m. | 53 views

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. T...

9.8 CVSS | 9 AI score | 0.36974 EPSS
Exploits: 78 | References: 6 | Affected Software: 3
Veracode
added 2018/06/27 7:31 a.m. | 44 views

Denial Of Service (DoS)

openpsa/midcom is vulnerable to denial of service (DoS) attacks. The library uses a vulnerable version of PHP and calls the insecure method xml_parse_into_struct. This can allow a malicious user to upload an XML file with the RSS Upload feature to cause a buffer under-read or segmentation fault that c...

9.8 CVSS | 8.8 AI score | 0.06229 EPSS
Exploits: 2 | References: 3 | Affected Software: 1
Tenable Nessus
added 2016/12/21 12:0 a.m. | 48 views

F5 Networks BIG-IP : PHP vulnerability (K35240323)

The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument,...

9.8 CVSS | 8.3 AI score | 0.06229 EPSS
Exploits: 1 | References: 2
Tenable Nessus
added 2016/11/01 12:0 a.m. | 27 views

PHP 5.5.x < 5.5.35, 5.6.x < 5.6.21, 7.x < 7.0.6 Multiple Vulnerabilities

Binary data 802031.prm...

9.8 CVSS | 7.9 AI score | 0.06229 EPSS
Exploits: 4 | References: 10
Tenable Nessus
added 2016/08/29 12:0 a.m. | 70 views

SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1638-1) (BACKRONYM)

This update for php53 to version 5.3.17 fixes the following issues: These security issues were fixed: - CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010). - CVE-2016-5094: Don't create strings with lengths outside int range (bnc#982011). - CVE-2016-5095: Don't create strings with...

10 CVSS | 7.6 AI score | 0.53166 EPSS
Exploits: 81 | References: 245
Tenable Nessus
added 2016/06/17 12:0 a.m. | 71 views

SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1581-1)

This update for php53 fixes the following issues: - CVE-2016-5093: A get_icu_value_internal out-of-bounds read could crash the php interpreter (bsc#982010) - CVE-2016-5094, CVE-2016-5095: Don't allow creating strings with lengths outside int range, avoids overflows (bsc#982011, bsc#982012) - CVE-2016-5096: ...

10 CVSS | 8.4 AI score | 0.35438 EPSS
Exploits: 24 | References: 90
Tenable Nessus
added 2016/06/15 12:0 a.m. | 55 views

Debian DSA-3602-1 : php5 - security update

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.22, which includes additional bug fixes. Please refer to the upstream changelog for mor...

9.8 CVSS | 7.9 AI score | 0.36974 EPSS
Exploits: 19 | References: 18
Debian
added 2016/06/14 3:43 p.m. | 78 views

[SECURITY] [DSA 3602-1] php5 security update

Debian Security Advisory DSA-3602-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 14, 2016 https://www.debian.org/security/faq ...

9.8 CVSS | 9.3 AI score | 0.36974 EPSS
Exploits: 19
Tenable Nessus
added 2016/06/09 12:0 a.m. | 65 views

openSUSE Security Update : php5 (openSUSE-2016-696)

This update for php5 fixes the following issues: Security issues fixed: - CVE-2016-4346: heap overflow in ext/standard/string.c (bsc#977994) - CVE-2016-4342: heap corruption in tar/zip/phar parser (bsc#977991) - CVE-2016-4537, CVE-2016-4538: bcpowmod accepts negative scale causing heap buffer overflo...

9.8 CVSS | 8.1 AI score | 0.12179 EPSS
Exploits: 14 | References: 22
OpenVAS
added 2016/06/08 12:0 a.m. | 47 views

Fedora Update for php FEDORA-2016-e205218629

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS | 7.8 AI score | 0.12179 EPSS
Exploits: 8 | References: 2
Debian
added 2016/05/31 8:7 p.m. | 71 views

[SECURITY] [DLA 499-1] php5 security update

Package : php5 Version : 5.4.45-0+deb7u3 CVE ID : CVE-2015-8865 CVE-2015-8866 CVE-2015-8878 CVE-2015-8879 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4073 CVE-2016-4343 CVE-2016-4537 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-4544 CVE-2015-8865 The...

9.8 CVSS | 9.9 AI score | 0.19455 EPSS
Exploits: 22
OSV
added 2016/05/22 1:59 a.m. | 19 views

CVE-2016-4539

The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument,...

9.8 CVSS | 8.2 AI score
Exploits: 0 | References: 15
CVE
added 2016/05/22 1:0 a.m. | 283 views

CVE-2016-4539

The vulnerability CVE-2016-4539 affects PHP’s XML parser (ext/xml/xml.c) and is exploitable via crafted XML data in the second argument of xml_parse_into_struct. Affected PHP releases are before 5.5.35, before 5.6.21 (5.6.x), and before 7.0.6, with impact described as a denial of service due to a...

9.8 CVSS | 7.8 AI score | 0.06229 EPSS
Exploits: 1 | References: 15 | Affected Software: 1