25 matches found
K06420357: PHP vulnerability CVE-2017-16642
Security Advisory Description In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelibmeridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related...
SUSE: Security Advisory (SUSE-SU-2017:3277-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0003-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2020-1542)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: rh-php71-php security, bug fix, and enhancement update
An update for rh-php71-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
SUSE SLES12 Security Update : php7 (SUSE-SU-2017:3237-1)
This update for php7 fixes the following issues: Security issues fixed : - CVE-2017-16642: Fix timelibmeridian error that could be used to leak information from the interpreter bsc1067441. - CVE-2017-9229: Fix invalid pointer dereference in leftadjustcharhead bsc1069631. - CVE-2017-9228: Fix heap...
Ubuntu: Security Advisory (USN-3566-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4081-1 : php5 - security update
Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language : - CVE-2017-11142 Denial of service via overly long form variables - CVE-2017-11143 Invalid free in wddxdeserialize - CVE-2017-11144 Denial of service in openssl extension due to incorrect...
[SECURITY] [DSA 4081-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4081-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4080-1] php7.0 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4080-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2018 https://www.debian.org/security/faq -...
SUSE SLES11 Security Update : php53 (SUSE-SU-2018:0003-1)
This update for php53 fixes the following issues: Security issues fixed : - CVE-2017-16642: Fix timelibmeridian error that could be used to leak information from the interpreter bsc1067441. - CVE-2017-9228: Fix heap out-of-bounds write that occurs in bitsetsetrange during regex compilation...
SUSE-SU-2018:0003-1 Security update for php53
This update for php53 fixes the following issues: Security issues fixed: - CVE-2017-16642: Fix timelibmeridian error that could be used to leak information from the interpreter bsc1067441. - CVE-2017-9228: Fix heap out-of-bounds write that occurs in bitsetsetrange during regex compilation...
openSUSE Security Update : php5 (openSUSE-2017-1371)
This update for php5 fixes the following issues : Security issues fixed : - CVE-2017-16642: Fix timelibmeridian error that could be used to leak information from the interpreter bsc1067441. - CVE-2017-4025: Fix pathname truncation in setincludepath, tempnam, rmdir, and readlink bsc1067090. -...
openSUSE Security Update : php7 (openSUSE-2017-1353)
This update for php7 fixes the following issues : Security issues fixed : - CVE-2017-16642: Fix timelibmeridian error that could be used to leak information from the interpreter bsc1067441. - CVE-2017-9229: Fix invalid pointer dereference in leftadjustcharhead bsc1069631. - CVE-2017-9228: Fix hea...
PHP Core timelib_meridian Heap Buffer Overflow (CVE-2017-16642)
A heap-based buffer overflow vulnerability exists in PHP core function timelibmeridian. The vulnerability is due to improper validation of user input. A remote attacker can exploit the vulnerability by sending a crafted request with a malformed time attribute...
PHP 5.6.x < 5.6.32 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.32. It is, therefore, affected by multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid104631;...
PHP 7.0.x < 7.0.25 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.25. It is, therefore, affected by multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid104632;...
PHP 7.1.x < 7.1.11 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.11. It is, therefore, affected by multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid104633;...
CVE-2017-16642
In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelibmeridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parsedate.c...
CVE-2017-16642
creationtimestamp| type| source ---|---|--- 2017-11-09 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/43133...