SuSE 11.3 Security Update : php53 (SAT Patch Number 10313)

PHP 5.3 was updated to fix three security issues : - Use-after-free vulnerability allowed remote attackers to execute arbitrary code via a crafted unserialize call that leveraged improper handling of duplicate keys within the serialized properties of an object. bnc910659. CVE-2014-8142 -...

PHP multiple security vulnerabilities

exifprocessunicode DoS, varunserializer.re code execution, information disclosure...

PHP 'exif_process_unicode' function remote code execution vulnerability

PHP is a widely used general purpose scripting language. A remote code execution vulnerability in the exifprocessunicode function in PHP ext/exif/exif.c allows remote attackers to cause a denial of service by executing arbitrary code or EXIF data crafted from JPEG images...

CVE-2015-0232

The exifprocessunicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service uninitialized pointer free and application crash via crafted EXIF data in a JPEG image...

Null pointer dereference

The exifprocessunicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service uninitialized pointer free and application crash via crafted EXIF data in a JPEG image...

CVE-2015-0232

The exifprocessunicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service uninitialized pointer free and application crash via crafted EXIF data in a JPEG image...

CVE-2015-0232

The exifprocessunicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service uninitialized pointer free and application crash via crafted EXIF data in a JPEG image...