33 matches found
EUVD-2016-2996
Malware in sbrugna...
Ubuntu: Security Advisory (USN-2952-1)
The remote host is missing an update for the...
Ubuntu 15.10 : php5 regression (USN-2952-2)
USN-2952-1 fixed vulnerabilities in PHP. One of the backported patches caused a regression in the PHP Soap client. This update fixes the problem. We apologize for the inconvenience. It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A...
Ubuntu 14.04 LTS : PHP vulnerabilities (USN-2952-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2952-1 advisory. It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this...
Amazon Linux: Security Advisory (ALAS-2016-640)
The remote host is missing an update for the...
CVE-2016-1903
CVE-2016-1903 affects PHP’s gdImageRotateInterpolated in ext/gd/libgd/gd_interpolation.c. Affected are PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2. A large bgd_color argument to imagerotate allows remote attackers to perform an out-of-bounds read, potentially disclosing memory co...
Amazon Linux AMI : php56 / php55 (ALAS-2016-640)
The imagerotate function lacked validation of the background color variable, an integer which represents an index of the color palette. A number larger than the length of the color palette could be used in the function, reading beyond the memory of the color palette and causing an information lea...
Medium: php56, php55
Issue Overview: The imagerotate function lacked validation of the background color variable, an integer which represents an index of the color palette. A number larger than the length of the color palette could be used in the function, reading beyond the memory of the color palette and causing an...
Internet Bug Bounty: Arbitrary Memory Read via gdImageRotateInterpolated Array Index Out of Bounds
1. Bug report at: https://bugs.php.net/bug.php?id=70976&edit=2 2. Patch submitted: https://www.dropbox.com/s/rr5xti66cpt17mn/gdinterpolation.patch?dl=0 3. Issue has been fixed in PHP 5.5.31, 5.6.17, 7.0.2. Vuln Description: This is the function prototype for ImageRotate: resource imagerotate...
PHP <= 5.2.8 gd library - imageRotate() Information Leak Vulnerability
No description provided by source. PHP - gd library - imageRotate function Information Leak Vulnerability. Discovered by: Hamid Ebadi. Further research and exploit: Mohammad R. Roohian. CSIRT Team Members, Amirkabir University APA Laboratory. Introduction: PHP is a popular web programming language whic...
Scientific Linux Security Update : php on SL3.x, SL4.x, SL5.x i386/x86_64
A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP script using mbstring conversion functions could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2008-5557) A flaw was found in the handling...
PHP <5.2.8 imageRotate() Uninitialized Memory Information Disclosure Vulnerability
No description provided by source...
PHP imageRotate Function Information Disclosure Vulnerability
No description provided by source...
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 6069)
Missing bounds checks of an error in the imageRotate function of the gd extension potentially allowed attackers to read portions of memory. (CVE-2008-5498) The mbstring.func_overload in .htaccess was applied to other virtual hosts on the same machine. (CVE-2009-0754)
openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-593)
php 5.1.9 fixes among other things some security issues: - Missing bounds checks of an error in the imageRotate function of the gd extension potentially allowed attackers to read portions of memory (CVE-2008-5498). - The mbstring.func_overload in .htaccess was applied to other virtual hosts on th...
Mandriva Linux Security Advisory : php (MDVSA-2009:021)
A buffer overflow in the imageloadfont function in PHP allowed context-dependent attackers to cause a denial of service (crash) and potentially execute arbitrary code via a crafted font file (CVE-2008-3658). A buffer overflow in the memnstr function allowed context-dependent attackers to cause a deni...
php security update
CentOS Errata and Security Advisory CESA-2009:0337 Updated php packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting...
php: libgd imagerotate() array index error memory disclosure
Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image...
openSUSE 10 Security Update : apache2-mod_php5 (apache2-mod_php5-6068)
php 5.1.9 fixes among other things some security issues: - Missing bounds checks of an error in the imageRotate function of the gd extension potentially allowed attackers to read portions of memory (CVE-2008-5498). - The mbstring.func_overload in .htaccess was applied to other virtual hosts on th...