104 matches found

CloudLinux
added 2026/05/02 12:53 a.m. · 7 views

php: Fix of 4 CVEs

- CVE-2018-14883: fix integer overflow leading to heap buffer overflow in exif_thumbnail_extract
- CVE-2019-19246: fix heap buffer overflow in oniguruma str_lower_case_match
- CVE-2018-19518: disable imap rsh/ssh by default to prevent argument injection (imap.enable_insecure_rsh INI added)
- CVE-2018-20783:...

8.5 CVSS · 6.9 AI score · 0.93869 EPSS
Exploits 8

Tenable Nessus
added 2026/01/20 12:0 a.m. · 5 views

MiracleLinux 8 : php:7.3 (AXSA:2020-779:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-779:01 advisory. php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers (CVE-2019-11039) php: Buffer over-read in exif_read_data (CVE-2019-11040) php:...

9.8 CVSS · 7.9 AI score · 0.41483 EPSS
Exploits 19 · References 23

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2016-1347

Malware in sbrugna...

7.5 CVSS · 7.3 AI score · 0.14189 EPSS
Exploits 0 · References 18

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2015-2873

Malware in sbrugna...

5.8 CVSS · 7.3 AI score · 0.09675 EPSS
Exploits 1 · References 33

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2020-23919

Malware in sbrugna...

8.8 CVSS · 8.6 AI score · 0.00665 EPSS
Exploits 1 · References 3

EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2016-1348

Malware in sbrugna...

9.8 CVSS · 7.3 AI score · 0.06501 EPSS
Exploits 0 · References 18

EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2017-2782

Malware in sbrugna...

9.1 CVSS · 7.7 AI score · 0.03691 EPSS
Exploits 1 · References 12

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2016-5342

Malware in sbrugna...

8.8 CVSS · 8.5 AI score · 0.05555 EPSS
Exploits 2 · References 15

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2016-8267

Malware in sbrugna...

9.8 CVSS · 8.5 AI score · 0.01496 EPSS
Exploits 1 · References 16

RedhatCVE
added 2025/05/22 3:34 p.m. · 3 views

CVE-2020-36388

In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive...

8.8 CVSS · 6.8 AI score · 0.00665 EPSS
Exploits 1

Patchstack
added 2025/03/27 9:15 p.m. · 3 views

WordPress Drag and Drop Multiple File Upload for Contact Form 7 plugin <= 1.3.8.7 - Unauthenticated PHP Object Injection via PHAR to Arbitrary File Deletion vulnerability

Unauthenticated PHP Object Injection via PHAR to Arbitrary File Deletion vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Drag and Drop Multiple File Upload – Contact Form 7 versions <= 1.3.8.7...

8.8 CVSS · 7.4 AI score · 0.01804 EPSS
Exploits 0 · References 1 · Affected Software 1

Veracode
added 2024/06/10 6:0 a.m. · 5 views

Deserialization Of Untrusted Data

typo3/phar-stream-wrapper is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to improper handling of user-supplied Phar archive data before deserialization, which allows attackers to manipulate the serialized data to execute arbitrary code...

7.7 AI score
Exploits 0

Positive Technologies
added 2024/05/15 12:0 a.m. · 1 view

PT-2024-40410 · Apache +1

Name of the Vulnerable Software and Affected Versions: eZ Platform and Legacy (affected versions not specified). Description: The issue is related to how uploaded PHP and PHAR files are handled. It consists of two parts: web server configuration and disabling the PHAR stream wrapper. The sample web...

7.7 AI score
Exploits 0 · References 7

OSV
added 2024/03/06 11:7 a.m. · 35 views

BIT-PHP-2020-7063 Files added to tar with Phar::buildFromIterator have all-access permissions

In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator function, the files are added with default permissions 0666, or all access even if the original files on the filesystem were with more restrictive permissions...

5.5 CVSS · 7.3 AI score · 0.00301 EPSS
Exploits 1 · References 9

RedHat Linux
added 2023/10/19 1:33 p.m. · 2 views

php: phar Buffer mismanagement

A flaw was found in PHP that can lead to a buffer overflow and a stack information leak due to improper bounds checking within the phar_dir_read function. This issue may allow an attacker to initiate memory corruption by compelling the application to open a specially crafted .phar archive, allowing...

9.8 CVSS · 7.5 AI score · 0.31766 EPSS
Exploits 3 · References 7

RedhatCVE
added 2023/08/22 5:49 p.m. · 77 views

CVE-2023-3824

A flaw was found in PHP that can lead to a buffer overflow and a stack information leak due to improper bounds checking within the phar_dir_read function. This issue may allow an attacker to initiate memory corruption by compelling the application to open a specially crafted .phar archive, allowing...

7 CVSS · 9.6 AI score · 0.31766 EPSS
Exploits 3 · References 6

OSV
added 2023/08/11 6:15 a.m. · 0 views

UBUNTU-CVE-2023-3824

In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE...

9.8 CVSS · 6 AI score · 0.31766 EPSS
Exploits 3 · References 6

SUSE CVE
added 2023/02/15 5:20 a.m. · 1 view

SUSE CVE-2015-2783

ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data ...

5.8 CVSS · 6.8 AI score · 0.09675 EPSS
Exploits 1 · References 11

SUSE CVE
added 2023/02/15 5:19 a.m. · 1 view

SUSE CVE-2015-3329

Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive...

7.5 CVSS · 8.3 AI score · 0.2878 EPSS
Exploits 1 · References 10

SUSE CVE
added 2023/02/15 5:3 a.m. · 2 views

SUSE CVE-2016-4342

ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive...

8.8 CVSS · 9 AI score · 0.05555 EPSS
Exploits 2 · References 7