DLA-67-1 php5 - security update

Bulletin has no description...

CVE-2014-6051

Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service crash and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow...

CVE-2014-0990

Stack-based buffer overflow in Advantech WebAccess formerly BroadWin WebAccess 7.2 allows remote attackers to execute arbitrary code via the UserName parameter...

CVE-2014-4412

WebKit, as used in Apple iOS before 8 and Apple TV before 7, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-09-17-1 and...

CVE-2014-0560

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors...

Design/Logic Flaw

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors...

CVE-2014-0565

Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2014-0566...

CVE-2014-0561

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0567...

Mandriva Linux Security Advisory : glibc (MDVSA-2014:175)

Multiple vulnerabilities has been found and corrected in glibc : When converting IBM930 code with iconv, if IBM930 code which includes invalid multibyte character 0xffff is specified, then iconv segfaults CVE-2012-6656. Off-by-one error in the gconvtranslitfind function in gconvtrans.c in GNU C...

CVE-2014-0553

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK &...

Memory corruption

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."...

Memory corruption

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065,...

CVE-2014-4103

CVE-2014-4103 maps to multiple Internet Explorer UAF-based remote code execution advisories from ZDI (e.g., ZDI-14-306, -308, -317, -315, -312, -316, -318, -314, -313). Affected component families include CAttrArray, CFieldSetLayout, CTableCell, CTable, CDataBindTask, CMarkup, CGeneratedTreeNode,...

CVE-2014-4079

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2799, CVE-2014-4059, CVE-2014-4065,...

CVE-2014-3618

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."...

CVE-2014-3618

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."...

CVE-2014-3618

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."...

CVE-2014-3618

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."...

CVE-2014-2378

Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do not verify the integrity of downloaded updates, which allows remote attackers to execute arbitrary code via a Trojan horse update...

Stack overflow

Stack-based buffer overflow in IBM DB2 9.7 through FP9a, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP4 on Linux, UNIX, and Windows allows remote authenticated users to execute arbitrary code via a crafted ALTER MODULE statement...