13 matches found
K63914421: PHP vulnerability CVE-2016-5770
Security Advisory Description Integer overflow in the SplFileObject::fread function in spldirectory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a...
K30363030: PHP vulnerability CVE-2016-5771
Security Advisory Description splarray.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and...
SUSE CVE-2016-5770
Integer overflow in the SplFileObject::fread function in spldirectory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096...
SUSE CVE-2016-5771
splarray.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash via crafted...
CVE-2016-5771
splarray.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash via crafted...
CVE-2016-5770
Integer overflow in the SplFileObject::fread function in spldirectory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096...
CVE-2016-5771
splarray.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash via crafted...
EUVD-2016-6706
splarray.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash via crafted...
CVE-2016-5771
CVE-2016-5771 affects the PHP SPL extension (spl_array.c) in PHP before 5.5.37 and 5.6.x before 5.6.23. The issue arises from how unserialize interacts with garbage collection, enabling remote attackers to trigger a use-after-free and cause a denial of service or potentially execute arbitrary cod...
CVE-2016-5771
splarray.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash via crafted...
CVE-2016-5771
splarray.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and application crash via crafted...
PHP 5.4.x < 5.4.30 Multiple Vulnerabilities
According to its banner, the version of PHP 5.4.x installed on the remote host is a version prior to 5.4.30. It is, therefore, affected by the following vulnerabilities : - Boundary checking errors exist related to the Fileinfo extension, Composite Document Format CDF handling and the functions...
CVE-2011-0754
The SplFileInfo::getType function in the Standard PHP Library SPL extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack...