16 matches found
SUSE CVE-2014-3487
The cdfreadpropertyinfo function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service application crash via a crafted CDF file...
The vulnerability of the PHP interpreter allows a remote attacker to trigger a service failure or cause other effects on the system.
The vulnerability of the PHP interpreter in the file module fileinfo for the Fileinfo component lies in the incomplete reading of available data during a pread call. Exploiting this vulnerability allows an attacker to cause service failures by accessing uninitialized memory, or to otherwise affec...
file: out of bounds read in mconvert()
An ouf-of-bounds read flaw was found in the way the file utility processed certain Pascal strings. A remote attacker could cause an application using the file utility for example, PHP using the fileinfo module to crash if it was used to identify the type of the attacker-supplied file...
PHP Fileinfo cdf_read_property_info Denial of Service - ver 2 (CVE-2014-3587)
A denial of service vulnerability exists in PHP. It is due to an integer overflow error in the FileInfo module while processing CDF files. A remote attacker can exploit the vulnerability by sending crafted CDF files to a web application running a vulnerable version of PHP...
PHP Fileinfo cdf_read_property_info Denial of Service (CVE-2014-3587)
A denial of service vulnerability exists in PHP. It is due to an integer overflow error in the FileInfo module while processing CDF files. A remote attacker can exploit the vulnerability by sending crafted CDF files to a web application running a vulnerable version of PHP...
RHEL 7 : php (RHSA-2014:1327)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1327 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP's fileinfo module provides functions used to...
CentOS 7 : php (CESA-2014:1327)
Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...
CentOS 5 / 6 : php / php53 (CESA-2014:1326)
Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...
Moderate: Red Hat Security Advisory: php53 and php security update
Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...
DLA-67-1 php5 - security update
Bulletin has no description...
DSA-3008-1 php5 - security update
Bulletin has no description...
php security update
CentOS Errata and Security Advisory CESA-2014:1013 Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...
Debian DSA-2943-1 : php5 - security update
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development : - CVE-2014-0185 The default PHP FPM socket permission has been changed from 0666 to 0660 to mitigate a security vulnerability CVE-2014-0185 in PHP FPM that allowed any...
[SECURITY] [DSA 2943-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2943-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 01, 2014 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2943-1 (php5 - security update)
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development: CVE-2014-0185The default PHP FPM socket permission has been changed from 0666 to 0660 to mitigate a security vulnerability CVE-2014-0185 in PHP FPM that allowed any local...
DSA-2943-1 php5 - security update
Bulletin has no description...