654 matches found

OSV
added 2016/09/18 12:0 a.m. | 62 views

DLA-628-1 php5 - security update

Bulletin has no description...

CVSS 9.8 | AI score 8.2 | EPSS 0.15083
Exploits: 25

OSV
added 2016/09/17 9:59 p.m. | 13 views

CVE-2016-7411

ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object...

CVSS 9.8 | AI score 9.3
Exploits: 0 | References: 7

seebug.org
added 2016/09/14 12:0 a.m. | 17 views

PHP 'bcmath.c' Multiple Local Heap Overflow Vulnerabilities

No description provided by source...

AI score 7.1
Exploits: 0

Hacker One
added 2016/09/13 5:17 a.m. | 12 views

Internet Bug Bounty: integer overflow in recode_string caused heap corruption

https://bugs.php.net/bug.php?id=73016...

AI score 6.9
Exploits: 0

Hacker One
added 2016/09/13 5:15 a.m. | 21 views

Internet Bug Bounty: integer overflow in pg_escape_bytea caused heap corruption

Please check: https://bugs.php.net/bug.php?id=72893...

AI score 6.9
Exploits: 0

OSV
added 2016/09/12 1:59 a.m. | 7 views

CVE-2016-7133

Zend/zend_alloc.c in PHP 7.x before 7.0.10, when open_basedir is enabled, mishandles huge realloc operations, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a long pathname...

CVSS 8.1 | AI score 9.9
Exploits: 0 | References: 6

Cvelist
added 2016/09/12 1:0 a.m. | 30 views

CVE-2016-7133

Zend/zend_alloc.c in PHP 7.x before 7.0.10, when open_basedir is enabled, mishandles huge realloc operations, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a long pathname...

AI score 8.9 | EPSS 0.04052
Exploits: 1 | References: 6

OSV
added 2016/08/07 10:59 a.m. | 15 views

CVE-2016-5094

Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function...

CVSS 8.6 | AI score 7.8
Exploits: 0 | References: 8

Debian CVE
added 2016/07/25 2:0 p.m. | 34 views

CVE-2016-6291

Removed by vendor...

CVSS 9.8 | AI score 8.7 | EPSS 0.05598
Exploits: 1

OSV
added 2016/07/20 6:56 p.m. | 22 views

SUSE-SU-2016:1842-1 Security update for php5

This update for php5 fixes the following issues: It is possible to launch a web server with 'php -S localhost:8080'. It used to be possible to set an arbitrary $HTTP_PROXY environment variable for request handlers -- like CGI scripts -- by including a specially crafted HTTP header in the request...

CVSS 9.8 | AI score 8.1 | EPSS 0.50427
Exploits: 9 | References: 19

Tenable Nessus
added 2016/07/15 12:0 a.m. | 51 views

Fedora 24 : php (2016-ec372bddb9)

23 Jun 2016, PHP 5.6.23 Core: - Fixed bug php#72275 (Integer Overflow in json_encode/json_decode/json_utf8_to_utf16). (Stas) - Fixed bug php#72400 (Integer Overflow in addcslashes/addslashes). (Stas) - Fixed bug php#72403 (Integer Overflow in Length of String-typed ZVAL). (Stas) GD: - Fixed bug php#72298 pass2nodithe...

CVSS 9.8 | AI score 7.3 | EPSS 0.15083
Exploits: 9 | References: 8

Hacker One
added 2016/06/24 4:14 a.m. | 22 views

Internet Bug Bounty: pass2_no_dither out-of-bounds access

Bug: https://bugs.php.net/bug.php?id=72298 Reported on 2016-05-31 Patch: http://git.php.net/?p=php-src.git;a=commit;h=e9ac8954be9f7d988189df44578d759ffdea3512 Fixed for PHP 5.5.37 (security only mode) http://php.net/ChangeLog-5.php#5.5.37 Fixed for PHP 5.6.23 http://php.net/ChangeLog-5.php#5.6.23 Fix...

AI score 7
Exploits: 0

OSV
added 2016/06/21 7:55 a.m. | 28 views

SUSE-SU-2016:1638-1 Security update for php53

This update for php53 to version 5.3.17 fixes the following issues: These security issues were fixed: - CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010). - CVE-2016-5094: Don't create strings with lengths outside int range (bnc#982011). - CVE-2016-5095: Don't create strings with lengt...

CVSS 10 | AI score 10 | EPSS 0.53166
Exploits: 81 | References: 160

Hacker One
added 2016/05/25 2:45 a.m. | 28 views

Internet Bug Bounty: Integer Overflow in php_html_entities()

This bug report at https://bugs.php.net/bug.php?id=72135, and fixed in: https://github.com/php/php-src/commit/41fc3c76e97a36ff3b505da7d704ca17bb171fdf https://github.com/php/php-src/commit/0da8b8b801f9276359262f1ef8274c7812d3dfda...

AI score 7.3
Exploits: 0

OSV
added 2016/05/22 1:59 a.m. | 5 views

CVE-2016-4544

The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data...

CVSS 9.8 | AI score 8.2
Exploits: 0 | References: 13

Cvelist
added 2016/05/22 1:0 a.m. | 22 views

CVE-2016-4544

The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data...

AI score 10 | EPSS 0.06689
Exploits: 1 | References: 13

Cvelist
added 2016/05/22 1:0 a.m. | 31 views

CVE-2016-4343

The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archi...

AI score 9 | EPSS 0.0421
Exploits: 1 | References: 10

Debian CVE
added 2016/05/22 1:0 a.m. | 42 views

CVE-2016-4342

Removed by vendor...

CVSS 8.8 | AI score 8.7 | EPSS 0.05345
Exploits: 2

NVD
added 2016/05/16 10:59 a.m. | 31 views

CVE-2015-4598

PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function...

CVSS 7.5 | AI score 8 | EPSS 0.03843
Exploits: 0 | References: 12

NVD
added 2016/05/16 10:59 a.m. | 19 views

CVE-2015-3411

PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) t...

CVSS 6.5 | AI score 7.9 | EPSS 0.03439
Exploits: 1 | References: 10