Fedora 27 : php-horde-passwd (2017-e3fcecbae7)

passwd 5.0.7 - jan Officially support PHP 7. - jan SECURITY: Fix open redirects. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

Internet Bug Bounty: Out-Of-Bounds Read in timelib_meridian()

Description While deserializing an invalid dateTime value, wddxdeserialize would result in a heap out-of-bounds read in timelibmeridian. As wddxdeserialize is exposed to network data, and sometimes echo the results back to client, this issue could potentially allow remote peeking of the process...

Fedora 25 : php-horde-passwd (2017-9d14020761)

passwd 5.0.7 - jan Officially support PHP 7. - jan SECURITY: Fix open redirects. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 25 : php-horde-nag (2017-f14c38d58f)

nag 4.2.17 - jan SECURITY: Fix unauthorized access to task exports. - jan Fix regression when exporting single tags to iCalendar CATEGORIES. - jan Officially support PHP 7. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

Fedora 26 : php-horde-passwd (2017-51b91fc4a9)

passwd 5.0.7 - jan Officially support PHP 7. - jan SECURITY: Fix open redirects. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

Fedora 26 : php-horde-nag (2017-041ee90a8b)

nag 4.2.17 - jan SECURITY: Fix unauthorized access to task exports. - jan Fix regression when exporting single tags to iCalendar CATEGORIES. - jan Officially support PHP 7. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

WordPress Plugin Content Timeline - SQL Injection

WordPress Plugin Content Timeline - SQL Injection Exploit Title: Multiple Blind SQL Injections Wordpress Plugin: Content Timeline Google Dork: - Date: September 16, 2017 Exploit Author: Jeroen - ITNerdbox Vendor Homepage: http://www.shindiristudio.com/ Software Link:...

Internet Bug Bounty: PHP OpenSSL zif_openssl_seal() heap overflow (wild memcpy)

Description: A wild memcpy is discovered in the openssl package included in stable PHP release. During parsing a PEM certificate in opensslseal, an invalid key length is produced after parsing, eskl0 value is -1 after the call to EVPSealInit, subsequently causing a heap overflow via a wild memcpy...

Amazon Linux AMI : php70 (ALAS-2017-812)

Integer overflow in gdio.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. CVE-2016-10168 In all versions of PHP 7, during the unserialization process, resizing the...

CVE-2016-7479

In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution...

Code injection

In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution...

CVE-2016-7479

Removed by vendor...

CVE-2016-7479

CVE-2016-7479 affects PHP 7, where during unserialization the resizing of the serialized object’s properties hash table can trigger a use-after-free. This is reported to allow a remote attacker to gain arbitrary code execution. The vulnerability is described across multiple advisories/document se...

CVE-2016-7479

In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution...

3 Critical Zero-Day Flaws Found in PHP 7 — One Remains Unpatched!

Three critical zero-day vulnerabilities have been discovered in PHP 7 that could allow an attacker to take complete control over 80 percent of websites which run on the latest version of the popular web programming language. The critical vulnerabilities reside in the unserialized mechanism in PHP...

PHP -- multiple vulnerabilities

Check Point reports: ... discovered 3 fresh and previously unknown vulnerabilities CVE-2016-7479, CVE-2016-7480, CVE-2016-7478 in the PHP 7 unserialize mechanism. The first two vulnerabilities allow attackers to take full control over servers, allowing them to do anything they want with the...

Internet Bug Bounty: Illegal write/read access caused by gdImageAALine overflow

Upstream Bug --- https://bugs.php.net/bug.php?id=72482 Summary --- Ilegal write/read access at gdImageSetAAPixelColor caused by gdImageAALine overflow. gdImageAALine tries to clip the limit values and fails because an integer overflow occurs while calculating the new line limits. PHP 5 is affecte...

PHP 7 Uninitialized Value Remote Code Execution

A Remote Code Execution vulnerability exists in PHP 7. A remote attacker can exploit this vulnerability by sending specially crafted input to the inf variable...

PHP 7 Unserialization Exception Infinite Loop Denial of Service (CVE-2016-7478)

A Denial of Service vulnerability exists in PHP 7. A remote attacker can exploit this vulnerability by sending specially crafted input to the unserialize function...

PHP 7 Unserialization Hash Table Resize Use After Free

A Use After Free vulnerability exists in PHP 7. A remote attacker can exploit this vulnerability by sending specially crafted input to the unserialize function...