SuSE 11.2 / 11.3 Security Update : PHP5 (SAT Patch Numbers 8087 / 8088)

The following security issues have been fixed : - bnc828020:. CVE-2013-4635 - Integer overflow in SdnToJewish - bnc829207:. CVE-2013-4113 - heap corruption due to badly formed xml %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

SuSE 11.2 Security Update : PHP5 (SAT Patch Number 8086)

The following security issues have been fixed : - bnc828020:. CVE-2013-4635 - Integer overflow in SdnToJewish - bnc807707:. CVE-2013-1635 / CVE-2013-1643 - reading system files via untrusted SOAP input - soap.wsdlcachedir function did not honour PHP openbasedir - bnc829207:. CVE-2013-4113 - heap...

Ubuntu: Security Advisory (USN-1905-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for php5 USN-1905-1

Check for the Version of php5 OpenVAS Vulnerability Test $Id: gbubuntuUSN19051.nasl 8650 2018-02-03 12:16:59Z teissa $ Ubuntu Update for php5 USN-1905-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...

SuSE 10 Security Update : PHP5 (ZYPP Patch Number 8647)

The following security issues have been fixed : - bnc828020: o Integer overflow in SdnToJewish. CVE-2013-4635 - bnc807707: o reading system files via untrusted SOAP input o soap.wsdlcachedir function did not honour PHP openbasedir. CVE-2013-1635 / CVE-2013-1643 - bnc829207: o heap corruption due ...

Debian DSA-2723-1 : php5 - heap corruption

It was discovered that PHP could perform an invalid free request when processing crafted XML documents, corrupting the heap and potentially leading to arbitrary code execution. Depending on the PHP application, this vulnerability could be exploited remotely. %NASLMINLEVEL 70300 C Tenable Network...

[SECURITY] [DSA 2723-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2723-1 [email protected] http://www.debian.org/security/ Florian Weiemr July 17, 2013 http://www.debian.org/security/faq -...

FreeBSD : PHP5 -- Integer overflow in Calendar module (5def3175-f3f9-4476-ba40-b46627cc638c)

The PHP development team reports : Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service application hang via a large argument to the jdtojewish function...

Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : php5 vulnerabilities (USN-1905-1)

It was discovered that PHP incorrectly handled the xmlparseintostruct function. If a PHP application parsed untrusted XML, an attacker could use this flaw with a specially crafted XML document to cause PHP to crash, resulting in a denial of service, or to possibly execute arbitrary code...

FreeBSD : PHP5 -- Heap corruption in XML parser (31b145f2-d9d3-49a9-8023-11cf742205dc)

The PHP development team reports : ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the...

Debian Security Advisory DSA 2723-1 (php5 - heap corruption)

It was discovered that PHP could perform an invalid free request when processing crafted XML documents, corrupting the heap and potentially leading to arbitrary code execution. Depending on the PHP application, this vulnerability could be exploited remotely. OpenVAS Vulnerability Test $Id:...

DSA-2723-1 php5 - heap corruption

Bulletin has no description...

Debian: Security Advisory (DSA-2723-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-1872-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for php5 USN-1872-1

Check for the Version of php5 OpenVAS Vulnerability Test $Id: gbubuntuUSN18721.nasl 8466 2018-01-19 06:58:30Z teissa $ Ubuntu Update for php5 USN-1872-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...

Ubuntu 13.04 : php5 vulnerability (USN-1872-1)

It was discovered that PHP incorrectly handled the quotedprintableencode function. An attacker could use this flaw to cause PHP to crash, resulting in a denial of service, or to possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block...

FreeBSD : php5 -- Heap based buffer overflow in quoted_printable_encode (59e7163c-cf84-11e2-907b-0025905a4770)

The PHP development team reports : A Heap-based buffer overflow flaw was found in the php quotedprintableencode function. A remote attacker could use this flaw to cause php to crash or execute arbitrary code with the permission of the user running php %NASLMINLEVEL 70300 C Tenable Network Securit...

PHP5 -- Integer overflow in Calendar module

The PHP development team reports: Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service application hang via a large argument to the jdtojewish function...

FreeBSD : php5 -- Multiple vulnerabilities (1d23109a-9005-11e2-9602-d43d7e0c7c02)

The PHP development team reports : PHP does not validate the relationship between the soap.wsdlcachedir directive and the openbasedir directive, which allows remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory. The...

Ubuntu Update for php5 USN-1761-1

Check for the Version of php5 OpenVAS Vulnerability Test $Id: gbubuntuUSN17611.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for php5 USN-1761-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...