73 matches found
UBUNTU-CVE-2017-9191
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the rlefread function in input-tga.c:252:15...
PT-2017-18773 · Autotrace +1 · Autotrace +1
Name of the Vulnerable Software and Affected Versions: AutoTrace version 0.31.1 Description: The issue is related to a heap-based buffer overflow in the rle fread function, located in the input-tga.c file. This function is part of the AutoTrace library, specifically libautotrace.a. The overflow...
Update for Windows Server 2008 and Windows Vista (KB3217877)
Update for Windows Server 2008 and Windows Vista KB3217877 Issues that are fixed This update fixes the following issue: When you use the fre ad function to read data from a pipe in Windows Vista Service Pack 2, the runtime program may omit line feed LF characters between lines and cause corrupted...
php: Int/size_t confusion in SplFileObject::fread
A type confusion issue was found in the SPLFileObject fread function. A remote attacker able to submit a specially crafted input to a PHP application, which uses this function, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application...
php: Integer underflow causing arbitrary null write in fread/gzread
Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument...
USN-3045-1 PHP vulnerabilities | Cloud Foundry
USN-3045-1 PHP vulnerabilities Medium Vendor PHP Versions Affected Cloud Foundry PHP buildpack versions prior to 4.3.18 Note: The PHP buildpack is patched from upstream PHP source Description It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker...
PHP < 5.5.36, 5.6.x < 5.6.22 Multiple Vulnerabilities (Aug 2016) - Linux
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
PHP SPL Extended Integer Overflow Vulnerability
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community.SPL Standard PHP Library is a collection of interfaces and class extensions for solving typical problems. SPL Standard PHP Library is an extensio...
CVE-2016-5770
Integer overflow in the SplFileObject::fread function in spldirectory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096...
CVE-2016-5096
Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument...
Integer overflow
Integer overflow in the SplFileObject::fread function in spldirectory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096...
Integer overflow
Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument...
CVE-2016-5770
CVE-2016-5770 involves an integer overflow in the SplFileObject::fread function (spl_directory.c) of the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23. The overflow can be triggered by a large integer argument, enabling remote denial of service or other unspecified impact. Root cause...
CVE-2016-5096
Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument...
CVE-2016-5770
Removed by vendor...
USN-3045-1 php5, php7.0 vulnerabilities
It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2015-4116 ...
CVE-2016-5770
A type confusion issue was found in the SPLFileObject fread function. A remote attacker able to submit a specially crafted input to a PHP application, which uses this function, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application...
DLA-533-1 php5 - security update
Bulletin has no description...
Internet Bug Bounty: Integer Overflow in SplFileObject::fread
https://bugs.php.net/bug.php?id=72262...
CVE-2016-5096
Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument...