19 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-11628
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zendinidoop function in Zend/zendiniparser.c could cause a...
Ubuntu: Security Advisory (USN-3382-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2317-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2522-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2303-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : php5 (SUSE-SU-2017:2317-1)
This update for php5 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11143: An invalid free in the WDDX deserialization of booleanparameters could be used by attackers able to inject XML for deserialization tocrash the PHP...
SUSE SLES12 Security Update : php7 (SUSE-SU-2017:2303-1)
This update for php7 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11142: Remoteattackers could cause a CPU consumption denial of service attack by injectinglong form variables, related to main/phpvariables. bsc1048100 -...
F5 Networks BIG-IP : PHP vulnerability (K75543432)
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zendinidoop function in Zend/zendiniparser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input...
Debian DSA-4081-1 : php5 - security update
Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language : - CVE-2017-11142 Denial of service via overly long form variables - CVE-2017-11143 Invalid free in wddxdeserialize - CVE-2017-11144 Denial of service in openssl extension due to incorrect...
[SECURITY] [DSA 4081-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4081-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4080-1] php7.0 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4080-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2018 https://www.debian.org/security/faq -...
openSUSE Security Update : php5 (openSUSE-2017-1010)
This update for php5 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11143: An invalid free in the WDDX deserialization of booleanparameters could be used by attackers able to inject XML for deserialization tocrash the PHP...
openSUSE: Security Advisory for php7 (openSUSE-SU-2017:2337-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : php7 (openSUSE-2017-994)
This update for php7 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11142: Remoteattackers could cause a CPU consumption denial of service attack by injectinglong form variables, related to main/phpvariables. bsc1048100 -...
Security update for php7 (important)
This update for php7 fixes the following issues: - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11142: Remoteattackers could cause a CPU consumption denial of service attack by injectinglong form variables, related to main/phpvariables. bsc1048100 -...
[SECURITY] [DLA 1066-1] php5 security update
Package : php5 Version : 5.4.45-0+deb7u10 CVE ID : CVE-2017-11628 A stack-based buffer overflow in the zendinidoop function in Zend/zendiniparser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input...
Ubuntu: Security Advisory (USN-3382-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-11628
CVE-2017-11628: A stack-based buffer overflow in Zend/zend_ini_parser.c (zend_ini_do_op) in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 can cause DoS or code execution when untrusted input is passed to parse_ini_string/parse_ini_file. Public advisories reference this in unpatch...
PHP < 5.6.31, 7.0.x < 7.0.21, 7.1.x < 7.1.7 Multiple Vulnerabilities (Jul 2017) - Windows
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...