RHSA-2015:1186 Red Hat Security Advisory: php55-php security update
Bulletin has no description...
RHSA-2015:1053 Red Hat Security Advisory: php55 security and bug fix update
Bulletin has no description...
Oracle Linux 6 / 7 : php55 (ELSA-2015-1053)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1053 advisory. - core: fix use-after-free vulnerability in the process_nested_data function (unserialize) (CVE-2015-2787) - core: fix NUL byte injection in file name...
Oracle Linux 7 : php55-php (ELSA-2015-1186)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1186 advisory. - core: fix multipart/form-data request can use excessive amount of CPU usage (CVE-2015-4024) - fix various functions accept paths with NUL character...
Amazon Linux AMI : php55-pecl-imagick (ALAS-2023-1812)
The version of php55-pecl-imagick installed on the remote host is prior to 3.4.4-2.15. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1812 advisory. ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds....
Critical: php55-pecl-memcached
Issue Overview: PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CRLF injection. (CVE-2022-26635) Affected Packages: php55-pecl-memcached Issue Correction: Run yum update php55-pecl-memcached or yum update --advisory ALAS-2023-1671 to update you...
Amazon Linux AMI : php55-pecl-memcached (ALAS-2023-1671)
The version of php55-pecl-memcached installed on the remote host is prior to 2.2.0-5.17. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1671 advisory. PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CRLF injectio...
Amazon Linux AMI : php54-pecl-imagick / php55-pecl-imagick, php56-pecl-imagick, php70-pecl-imagick, php71-pecl-imagick, php72-pecl-imagick (ALAS-2019-1237)
In PHP imagick extension, writing to an array of values in ImagickKernel::fromMatrix function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled by untrusted party. CVE-2019-11037 C...
Arbitrary Code Execution
php55 is vulnerable to arbitrary code execution attacks. The vulnerability exists as a use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary...
Amazon Linux: Security Advisory (ALAS-2016-707)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Amazon Linux: Security Advisory (ALAS-2016-728)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Amazon Linux AMI : php55 (ALAS-2016-707)
The following security-related issues were resolved: Out-of-bounds read in imagescale (CVE-2013-7456) Integer underflow causing arbitrary null write in fread/gzread (CVE-2016-5096) The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size...
Medium: php55
Issue Overview: The following security-related issues were resolved: Out-of-bounds read in imagescale (CVE-2013-7456) Integer underflow causing arbitrary null write in fread/gzread (CVE-2016-5096) The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3...
Amazon Linux: Security Advisory (ALAS-2016-698)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Amazon Linux: Security Advisory (ALAS-2016-685)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Amazon Linux AMI : php56 / php55 (ALAS-2016-698)
The following security-related issues were resolved: Buffer over-write in finfo_open with malformed magic file (CVE-2015-8865) Signedness vulnerability causing heap overflow in libgd (CVE-2016-3074) Integer overflow in php_raw_url_encode (CVE-2016-4070) Format string vulnerability in php_snmp_error...
Amazon Linux AMI : php56 / php55 (ALAS-2016-685)
A stack overflow vulnerability was reported that may occur when decompressing tar archives due to phar_tar_writeheaders potentially copying non-terminated linknames from entries parsed by phar_parse_tarfile. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Medium: php56, php55
Issue Overview: A stack overflow vulnerability was reported that may occur when decompressing tar archives due to phar_tar_writeheaders potentially copying non-terminated linknames from entries parsed by phar_parse_tarfile. Affected Packages: php56, php55 Issue Correction: Run yum update php56 or yum...
Oracle: Security Advisory (ELSA-2015-1186)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Oracle: Security Advisory (ELSA-2015-1053)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...