Debian: Security Advisory (DSA-3783-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-818-1 php5 - security update

Bulletin has no description...

PHP LibGD Heap Buffer Overflow Exploit

Proof of concept exploit for CVE-2016-3074 targeting Ubuntu 15.10 x86-64 with php5-gd and php5-fpm running behind nginx. !/usr/bin/env python2 PoC for CVE-2016-3074 targeting Ubuntu 15.10 x86-64 with php5-gd and php5-fpm running behind nginx. ,---- | $ python exploit.py --bind-port 5555...

PHP LibGD Heap Buffer Overflow

!/usr/bin/env python2 PoC for CVE-2016-3074 targeting Ubuntu 15.10 x86-64 with php5-gd and php5-fpm running behind nginx. ,---- | $ python exploit.py --bind-port 5555 http://1.2.3.4/upload.php | this may take a while | offset 912 of 10000... | + connected to 1.2.3.4:5555 | id | uid=33www-data...

openSUSE Security Update : php5 (openSUSE-2017-62)

This update for php5 fixes the following issues : - CVE-2016-9933 Possible stack overflow on truecolor images handling bsc1015187 - CVE-2016-9934 Dereference from NULL pointer could lead to crash bsc1015188 - CVE-2016-9935 Invalid read could lead to crash bsc1015189 This update was imported from...

SUSE-SU-2017:0038-1 Security update for php5

This update for php5 fixes the following issues: CVE-2016-9933 Possible stack overflow on truecolor images handling bsc1015187 CVE-2016-9934 Dereference from NULL pointer could lead to crash bsc1015188 CVE-2016-9935 Invalid read could lead to crash bsc1015189...

openSUSE Security Update : php5 (openSUSE-2016-1505)

This security update for php5 fixes the following issues : - a call to ImageFillToBorder could cause a stack overflow leading to stack exhaustion when the image used was not truecolor CVE-2016-9933, boo1015187 - deserialization of a WDDX packet containing a PDORow object could crash php...

DLA-758-1 libgd2 - security update

Bulletin has no description...

Debian DLA-758-1 : libgd2 security update

It was discovered that invalid color causes stack exhaustion by recursive call to function gdImageFillToBorder when the image used is truecolor. The vulnerability can be exploited through php5 which uses system's libgd2 library through the imagefilltoborder PHP function to cause denial of service...

Debian DSA-3737-1 : php5 - security update

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.29, which includes additional bug fixes. Please refer to the upstream changelog for mor...

[SECURITY] [DLA 749-1] php5 security update

Package : php5 Version : 5.4.45-0+deb7u6 CVE ID : CVE-2016-5385 CVE-2016-7124 CVE-2016-7128 CVE-2016-7129 CVE-2016-7130 CVE-2016-7131 CVE-2016-7132 CVE-2016-7411 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418 CVE-2016-5385 PHP through 7.0.8 does not attempt to...

Debian Security Advisory DSA 3737-1 (php5 - security update)

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.29, which includes additional bug fixes. Please refer to the upstream changelog for mor...

DLA-749-1 php5 - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3737-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-3732-1 : php5 - security update

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.28, which includes additional bug fixes. Please refer to the upstream changelog for mor...

[SECURITY] [DSA 3732-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3732-1 [email protected] https://www.debian.org/security/ Sebastien Delafond December 13, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3732-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3732-1 [email protected] https://www.debian.org/security/ Sebastien Delafond December 13, 2016 https://www.debian.org/security/faq -...

openSUSE Security Update : php5 (openSUSE-2016-1449)

This update for php5 fixes the following issues : - CVE-2016-9137: Use After Free in unserialize bsc1008029 - CVE-2016-5773: ZipArchive class Use After Free Vulnerability in PHP's GC bsc986247 This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Netwo...

Debian Security Advisory DSA 3732-1 (php5 - security update)

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.28, which includes additional bug fixes. Please refer to the upstream changelog for mor...

SUSE SLED12 / SLES12 Security Update : php5 (SUSE-SU-2016:2975-1)

This update for php5 fixes the following issues : - CVE-2016-9137: Use After Free in unserialize bsc1008029 - CVE-2016-5773: ZipArchive class Use After Free Vulnerability in PHP's GC bsc986247 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...