K15761: Multiple PHP 5.x vulnerabilities

Security Advisory Description CVE-2014-2497 The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted color table in an XPM file. CVE-2014-3597 Multipl...

PHP 5.3.x < 5.3.29, 5.4.x < 5.4.30, 5.5.x < 5.5.14, 5.6.0alpha1 < 5.6.0 Heap Based Buffer Overflow Vulnerability - Windows

PHP is prone to a heap-based buffer overflow vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if...

PHP 5.3.x < 5.3.29, 5.4.x < 5.4.30, 5.5.x < 5.5.14, 5.6.0alpha1 < 5.6.0 Heap Based Buffer Overflow Vulnerability - Linux

PHP is prone to a heap-based buffer overflow vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if...

CentOS 5 / 6 : php / php53 (CESA-2014:1326)

Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...

php, php53 security update

CentOS Errata and Security Advisory CESA-2014:1326 Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring...

Moderate: Red Hat Security Advisory: php53 and php security update

Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...

USN-2344-1: PHP vulnerabilities

It was discovered that the Fileinfo component in php5 contains an integer overflow. An attacker could use this flaw to cause a denial of service or possibly execute arbitrary code via a crafted CDF file. CVE-2014-3587 It was discovered that the phpparserr function contains multiple buffer...

CVE-2014-3597

CVE-2014-3597 involves multiple buffer overflows in the php_parserr function in ext/standard/dns.c of PHP. The issue affects PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16, enabling remote DNS servers to cause a denial of service (application crash) or potentially execute arbitrary code via a cr...

PHP php_parserr DNS_TXT Heap Buffer Overflow (CVE-2014-4049)

A heap buffer vulnerability exists in the phpparserr function in PHP. The vulnerability is due to an error in parsing malformed DNS TXT records. An attacker can exploit this vulnerability if the application uses the vulnerable function...