24 matches found
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1543)
The remote host is missing an update for the Huawei EulerOS...
Integer Overflow
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024) An uninitialized pointer use flaw was found ...
Arbitrary File Write
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interprete...
Improper Input Validation
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interprete...
Denial Of Service (DoS)
php is vulnerable to denial of service. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. An integer overflow flaw leading to a heap-based buffer overflow was found in the way PHP's FTP extensio...
Amazon Linux: Security Advisory (ALAS-2015-536)
The remote host is missing an update for the...
[SECURITY] [DSA 3344-1] php5 security update
Debian Security Advisory DSA-3344-1, https://www.debian.org/security/, Sebastien Delafond, August 27, 2015, https://www.debian.org/security/faq ...
Scientific Linux Security Update : php on SL6.x i386/x86_64 (20150709)
A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024) An uninitialized pointer use flaw was found in PHP's Exif extension. A specially crafted JPEG or TIFF file could cause a PHP...
Moderate: Red Hat Security Advisory: php54-php security update
Updated php54-php packages that fix multiple security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...
php: integer overflow in ftp_genlist() resulting in heap overflow (improved fix for CVE-2015-4022)
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because ...
php: integer overflow leading to heap overflow when reading FTP file listing
An integer overflow flaw leading to a heap-based buffer overflow was found in the way PHP's FTP extension parsed file listing FTP server responses. A malicious FTP server could use this flaw to cause a PHP application to crash or, possibly, execute arbitrary code...
Amazon Linux AMI : php56 (ALAS-2015-536)
An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. (CVE-2015-4021) An integer overflow flaw leading to a heap based...
Medium: php55
Issue Overview: An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. (CVE-2015-4021) An integer overflow flaw leading to...
Internet Bug Bounty: Integer overflow in ftp_genlist() resulting in heap overflow
https://bugs.php.net/bug.php?id=69545 Description: The ftp_genlist function of the ftp extension is prone to an integer overflow, which may result in remote code execution. ext/ftp/ftp.c:ftp_genlist... 1826 size = 0; 1827 lines = 0; 1828 lastch = 0; 1829 while rcvd = myrecvftp, data-fd...
Oracle Linux 3 : php (ELSA-2007-0889)
From Red Hat Security Advisory 2007:0889 : Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language common...
Oracle Linux 4 : php (ELSA-2007-0349)
From Red Hat Security Advisory 2007:0349 : Updated PHP packages that fix two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly...
Scientific Linux Security Update : php on SL3.x i386/x86_64
Various integer overflow flaws were found in the PHP gd extension script that could be forced to resize images from an untrusted source, possibly allowing a remote attacker to execute arbitrary code as the apache user. (CVE-2007-3996) An integer overflow flaw was found in the PHP chunk_split functio...
Debian Security Advisory DSA 1296-1 (php4)
The remote host is missing an update to php4 announced via advisory DSA 1296-1. OpenVAS Vulnerability Test $Id: deb12961.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1296-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
RHEL 2.1 : php (RHSA-2007:0888)
Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server...
php security update
CentOS Errata and Security Advisory CESA-2007:0888-01. Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an embedded-HTML scripting...