SUSE SLES12 Security Update : php5 (SUSE-SU-2020:1714-1)

This update for php5 fixes the following issues : CVE-2020-7064: Fixed a one byte read of uninitialized memory in exifreaddata bsc1168326. CVE-2020-7066: Fixed URL truncation getheaders if the URL contains zero \0 character bsc1168352. CVE-2019-11048: Improved the handling of overly long filename...

Debian: Security Advisory (DLA-2261-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2261-1 : php5 security update

It has been discovered, that a vulnerability in php5, a server-side, HTML-embedded scripting language, could lead to exhausted disk space on the server. When using overly long filenames or field names, a memory limit could be hit which results in stopping the upload but not cleaning up behind...

[SECURITY] [DLA 2261-1] php5 security update

Package : php5 Version : 5.6.40+dfsg-0+deb8u12 CVE ID : CVE-2019-11048 It has been discovered, that a vulnerability in php5, a server-side, HTML-embedded scripting language, could lead to exhausted disk space on the server. When using overly long filenames or field names, a memory limit could be...

DLA-2261-1 php5 - security update

Bulletin has no description...

SUSE-SU-2020:1714-1 Security update for php5

This update for php5 fixes the following issues: - CVE-2020-7064: Fixed a one byte read of uninitialized memory in exifreaddata bsc1168326. - CVE-2020-7066: Fixed URL truncation getheaders if the URL contains zero \0 character bsc1168352. - CVE-2019-11048: Improved the handling of overly long...

Ubuntu: Security Advisory (USN-4375-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2188-1 : php5 security update

Three issues have been found in php5, a server-side, HTML-embedded scripting language. CVE-2020-7064 A one byte out-of-bounds read, which could potentially lead to information disclosure or crash. CVE-2020-7066 An URL containing zero \0 character will be truncated at it, which may cause some...

Debian: Security Advisory (DLA-2188-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2188-1] php5 security update

Package : php5 Version : 5.6.40+dfsg-0+deb8u11 CVE ID : CVE-2020-7064 CVE-2020-7066 CVE-2020-7067 Three issues have been found in php5, a server-side, HTML-embedded scripting language. CVE-2020-7064 A one byte out-of-bounds read, which could potentially lead to information disclosure or crash...

DLA-2188-1 php5 - security update

Bulletin has no description...

Debian DLA-2160-1 : php5 security update

Two security issues have been identified and fixed in php5, a server-side, HTML-embedded scripting language. CVE-2020-7062 is about a possible NULL pointer derefernce, which would likely lead to a crash, during a failed upload with progress tracking. CVE-2020-7063 is about wrong file permissions ...

Debian: Security Advisory (DLA-2160-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2160-1] php5 security update

Package : php5 Version : 5.6.40+dfsg-0+deb8u10 CVE ID : CVE-2020-7062 CVE-2020-7063 Two security issues have been identified and fixed in php5, a server-side, HTML-embedded scripting language. CVE-2020-7062 is about a possible null pointer derefernce, which would likely lead to a crash, during a...

DLA-2160-1 php5 - security update

Bulletin has no description...

SUSE SLES12 Security Update : php5 (SUSE-SU-2020:0658-1)

This update for php5 fixes the following issues : CVE-2020-7062: Fixed a NULL pointer dereference when using file upload functionality under specific circumstances bsc1165280. CVE-2020-7063: Fixed an issue where adding files change the permissions to default bsc1165289. Note that Tenable Network...

SUSE-SU-2020:0658-1 Security update for php5

This update for php5 fixes the following issues: - CVE-2020-7062: Fixed a null pointer dereference when using file upload functionality under specific circumstances bsc1165280. - CVE-2020-7063: Fixed an issue where adding files change the permissions to default bsc1165289...

CVE-2015-7341

JNews Joomla Component before 8.5.0 allows arbitrary File Upload via Subscribers or Templates, as demonstrated by the .php5 extension...

Design/Logic Flaw

JNews Joomla Component before 8.5.0 allows arbitrary File Upload via Subscribers or Templates, as demonstrated by the .php5 extension...

CVE-2015-7341

JNews Joomla Component before 8.5.0 allows arbitrary File Upload via Subscribers or Templates, as demonstrated by the .php5 extension...