14 matches found
K15761: Multiple PHP 5.x vulnerabilities
Security Advisory Description CVE-2014-2497 The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted color table in an XPM file. CVE-2014-3597 Multipl...
Mageia: Security Advisory (MGASA-2014-0288)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial Of Service (DoS)
php is vulnerable to denial of service DoS attacks. The vulnerability exists as the gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted color table i...
gd: NULL pointer dereference in gdImageCreateFromXpm()
A NULL pointer dereference flaw was found in the gdImageCreateFromXpm function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application using gd via a specially crafted X PixMap XPM file...
Scientific Linux Security Update : php53 and php on SL5.x, SL6.x i386/x86_64 (20140930)
It was found that the fix for CVE-2012-1571 was incomplete; the File Information fileinfo extension did not correctly parse certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. CVE-2014-3587 ...
CentOS 5 / 6 : php / php53 (CESA-2014:1326)
Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...
gd: NULL pointer dereference in gdImageCreateFromXpm()
A NULL pointer dereference flaw was found in the gdImageCreateFromXpm function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application using gd via a specially crafted X PixMap XPM file...
RHEL 5 / 6 : php53 and php (RHSA-2014:1326)
Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...
Mandriva Linux Security Advisory : gd (MDVSA-2014:133)
Updated gd and libgd packages fix security vulnerability : The gdImageCreateFromXpm function in gdxpm.c in the gd image library allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted color table in an XPM file CVE-2014-2497. %NASLMINLEVEL...
CVE-2014-2497
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted color table in an XPM file...
Null pointer dereference
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted color table in an XPM file...
CVE-2014-2497
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted color table in an XPM file...
CVE-2014-2497
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted color table in an XPM file...
PHP "gdImageCreateFromXpm()"空指针间接引用漏洞
CVE ID: CVE-2014-2497 PHP是一种HTML内嵌式的语言。 PHP 5.4.26、5.5.10版本在 "gdImageCreateFromXpm" 函数 ext/gd/libgd/gdxpm.c的实现上存在空指针间接引用错误,攻击者通过特制的XPM文件,利用此漏洞可造成崩溃。 0 PHP PHP 5.5.10 PHP PHP 5.4.26 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.php.net/downloads.php https://bugs.php.net/bug.php?id=669...