SUSE SLES11 Security Update : php53 (SUSE-SU-2016:2013-1)

php53 was updated to fix five security issues. These security issues were fixed : - CVE-2016-5769: mcrypt: Heap Overflow due to integer overflows bsc986388. - CVE-2015-8935: XSS in header with Internet Explorer bsc986004. - CVE-2016-5772: Double Free Courruption in wddxdeserialize bsc986244. -...

Internet Bug Bounty: Integer Overflow in _gd2GetHeader() resulting in heap overflow

The gd2GetHeader is prone to an integer overflow, which result in heap based overflow. Tested on PHP 5.6.22 --------------- PoC --------------- $ ls poc.gd poc.php $ cat poc.php --------------- Result --------------- /php$ gdb -q --args ./php-5.6.22/sapi/cli/php poc.php Reading symbols from...