EUVD-2016-1350

Malware in sbrugna...

SUSE CVE-2016-7131

ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service NULL pointer dereference and application crash or possibly have unspecified other impact via a malformed wddxPacket XML document that is mishandled in a wddxdeserialize call, as...

SUSE CVE-2016-7413

Use-after-free vulnerability in the wddxstackdestroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field...

SUSE CVE-2016-7418

The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service invalid pointer access and out-of-bounds read or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document,...

SUSE CVE-2016-9934

ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service NULL pointer dereference via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string...

SUSE CVE-2016-9935

The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service out-of-bounds read and memory corruption or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document...

SUSE CVE-2016-10162

The phpwddxpopelement function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a...

The vulnerability of the ext/wddx/wddx.c component of the PHP interpreter allows a attacker to cause a service failure.

The vulnerability of the ext/wddx/wddx.c component of the PHP interpreter is related to the assignment of a null pointer. Exploiting this vulnerability can allow an attacker to cause a service failure by using specially created serialized data in an XML document called wddxPacket...

Mageia: Security Advisory (MGASA-2016-0422)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

php: NULL Pointer Dereference in WDDX Packet Deserialization with PDORow

ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service NULL pointer dereference via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string...

php: Null pointer dereference when unserializing PHP object

The phpwddxpopelement function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a...

php: Null pointer dereference in php_wddx_push_element

The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service invalid pointer access and out-of-bounds read or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document,...

USN-3211-1 php7.0 vulnerabilities

It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-7479 It was discovered that PHP incorrectly handled certain...

PHP Denial of Service Vulnerability (CNVD-2017-01943)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

USN-3196-1 php5 vulnerabilities

It was discovered that PHP incorrectly handled certain arguments to the localegetdisplayname function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-9912 It was discovered that PHP incorrectly handled...

UBUNTU-CVE-2016-10162

The phpwddxpopelement function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a...

openSUSE Security Update : php5 (openSUSE-2016-1505)

This security update for php5 fixes the following issues : - a call to ImageFillToBorder could cause a stack overflow leading to stack exhaustion when the image used was not truecolor CVE-2016-9933, boo1015187 - deserialization of a WDDX packet containing a PDORow object could crash php...

Updated php packages fix security vulnerability

NULL Pointer Dereference in WDDX Packet Deserialization with PDORow in PHP before 5.6.28 CVE-2016-9934. Invalid read when wddx decodes empty boolean element in PHP before 5.6.29 CVE-2016-9935...

MGASA-2016-0422 Updated php packages fix security vulnerability

NULL Pointer Dereference in WDDX Packet Deserialization with PDORow in PHP before 5.6.28 CVE-2016-9934. Invalid read when wddx decodes empty boolean element in PHP before 5.6.29 CVE-2016-9935...

php: wddx_deserialize null dereference

The phpwddxpopelement function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service NULL pointer dereference and application crash or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a...