DLA-1509-1 php5 - security update

Bulletin has no description...

USN-3766-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled restarting certain child processes when php-fpm is used. A remote attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 18.04 LTS. CVE-2015-9253 It was discovered that PHP incorrectly handled...

openSUSE: Security Advisory for php5 (openSUSE-SU-2018:2694-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : php5 (openSUSE-2018-998)

This update for php5 fixes the following issues : The following security issues were fixed : - CVE-2018-10360: Fixed an out-of-bounds read in the docorenote function in readelf.c in libmagic.a, which allowed remote attackers to cause a denial of service via a crafted ELF file bsc1096984 -...

Security update for php5 (moderate)

This update for php5 fixes the following issues: The following security issues were fixed: - CVE-2018-10360: Fixed an out-of-bounds read in the docorenote function in readelf.c in libmagic.a, which allowed remote attackers to cause a denial of service via a crafted ELF file bsc1096984 -...

SUSE-SU-2018:2682-1 Security update for php5

This update for php5 fixes the following issues: The following security issues were fixed: - CVE-2018-10360: Fixed an out-of-bounds read in the docorenote function in readelf.c in libmagic.a, which allowed remote attackers to cause a denial of service via a crafted ELF file bsc1096984 -...

Debian: Security Advisory (DLA-1490-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1490-1] php5 security update

Package : php5 Version : 5.6.37+dfsg-0+deb8u1 CVE ID : CVE-2018-14851 CVE-2018-14883 Debian Bug : 890266 Two vulnerabilities have been discovered in php5, a server-side, HTML-embedded scripting language. One CVE-2018-14851 results in a potential denial of service out-of-bounds read and applicatio...

DLA-1490-1 php5 - security update

Bulletin has no description...

Remote code execution

The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP files, because the formmailer widget blocks .php files but not .php5 or .phtml files. This is related t...

[SECURITY] [DLA 1397-1] php5 security update

Package : php5 Version : 5.6.36+dfsg-0+deb8u1 CVE ID : CVE-2018-7584 CVE-2018-10545 CVE-2018-10546 CVE-2018-10547 CVE-2018-10548 CVE-2018-10549 Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language: CVE-2018-7584 A stack-buffer-overflow while...

DLA-1397-1 php5 - security update

Bulletin has no description...

Security Bulletin: Multiple vulnerabilities in php5 affect IBM Flex System Manager (FSM) (CVE-2017-9227, CVE-2017-9226 CVE-2017-9224)

Summary Multiple vulnerabilities have been identified in php5 that is embedded in the FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2017-9227 DESCRIPTION: Oniguruma is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by...

Security Bulletin: IBM Flex System Manager (FSM) is affected by a php5 vulnerability (CVE-2016-10158)

Summary A vulnerability has been identified in php5 that is embedded in the IBM FSM. This bulletin addresses the vulnerability. Vulnerability Details CVEID: CVE-2016-10158 DESCRIPTION: PHP is vulnerable to a denial of service, caused by an off-by-one error in exifconvertanytoint function in...

Security Bulletin: IBM Flex System Manager (FSM) is affected by php5 vulnerabilities (CVE-2016-9933, CVE-2016-9935)

Summary Multiple security vulnerabilities have been identified in php5 that is embedded in IBM FSM. This bulletin addresses these issues. Vulnerability Details CVEID: CVE-2016-9933 DESCRIPTION: GD Graphics Library libgd as used in PHP is vulnerable to a denial of service, caused by a stack...

Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple php5 vulnerabilities (CVE-2016-6911, CVE-2016-8670)

Summary Multiple security vulnerabilities have been identified in php5 that is embedded in IBM FSM. This bulletin addresses these issues. Vulnerability Details CVEID: CVE-2016-6911 DESCRIPTION: libgd2 - GD Graphics Library is vulnerable to a denial of service, caused by a missing check for...

Security Bulletin: Multiple vulnerabilities in php5 affect IBM Flex System Manager (FSM) (CVE-2015-6836, CVE-2015-6837, CVE-2015-6838)

Summary Multiple security vulnerabilities have been discovered in php5 that is embedded in the IBM FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2015-6836 DESCRIPTION: PHP could allow a remote attacker to execute arbitrary code on the system, caused by a typ...

Security update for php5 (important)

This update for php5 fixes the following issues: Security issues fixed: - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...

openSUSE Security Update : php5 (openSUSE-2018-465)

This update for php5 fixes the following issues : Security issues fixed : - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...

openSUSE: Security Advisory for php5 (openSUSE-SU-2018:1317-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...