K63914421: PHP vulnerability CVE-2016-5770

Security Advisory Description Integer overflow in the SplFileObject::fread function in spldirectory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a...

Mageia: Security Advisory (MGASA-2016-0238)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Out-Of-Bounds Read

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

Stack-Based Buffer Overflow

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

Denial Of Service (DoS) Through Memory Corruption

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

Arbitrary Code Execution

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

Denial Of Service (DoS)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...

Amazon Linux: Security Advisory (ALAS-2016-728)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-628-1 : php5 security update

CVE-2016-4473.patch An invalid free may occur under certain conditions when processing phar-compatible archives. - CVE-2016-4538.patch The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument,...

[SECURITY] [DLA 628-1] php5 security update

Package : php5 Version : 5.4.45-0+deb7u5 CVE ID : CVE-2016-4473 CVE-2016-4538 CVE-2016-5114 CVE-2016-5399 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296...

DLA-628-1 php5 - security update

Bulletin has no description...

CVE-2016-5770

Integer overflow in the SplFileObject::fread function in spldirectory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096...

CVE-2016-5770

CVE-2016-5770 involves an integer overflow in the SplFileObject::fread function (spl_directory.c) of the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23. The overflow can be triggered by a large integer argument, enabling remote denial of service or other unspecified impact. Root cause...

CVE-2016-5770

Removed by vendor...

Medium: php55, php56

Issue Overview: A stack consumption vulnerability in GD in PHP allows remote attackers to cause a denial of service via a crafted imagefilltoborder call. CVE-2015-8874 An integer overflow, leading to a heap-based buffer overflow was found in the imagecreatefromgd2 function of PHP's gd extension. ...

[SECURITY] [DSA 3618-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3618-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 14, 2016 https://www.debian.org/security/faq -...

openSUSE: Security Advisory for php5 (openSUSE-SU-2016:1761-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated php packages fix security vulnerability

php-mbstring phpmbregexeregreplaceexec - double free CVE-2016-5768. php-mcrypt heap Overflow due to integer overflows CVE-2016-5769. php-SPL int/sizet confusion in SplFileObject::fread CVE-2016-5770. php-SPL Use After Free Vulnerability in PHP's GC algorithm and unserialize CVE-2016-5771. php-WDD...