UbuntuUSN-2126-1PHP vulnerabilities
10 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.058 Low
EPSS
Percentile
93.3%
Releases
- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04
- Ubuntu 10.04
Packages
- php5 - HTML-embedded scripting language interpreter
Details
Bernd Melchers discovered that PHP’s embedded libmagic library incorrectly
handled indirect offset values. An attacker could use this issue to cause
PHP to consume resources or crash, resulting in a denial of service.
(CVE-2014-1943)
It was discovered that PHP incorrectly handled certain values when using
the imagecrop function. An attacker could possibly use this issue to cause
PHP to crash, resulting in a denial of service, obtain sensitive
information, or possibly execute arbitrary code. This issue only affected
Ubuntu 13.10. (CVE-2013-7226, CVE-2013-7327, CVE-2013-7328, CVE-2014-2020)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 13.10 | noarch | php5-cli | < 5.5.3+dfsg-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libapache2-mod-php5 | < 5.5.3+dfsg-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libapache2-mod-php5filter | < 5.5.3+dfsg-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 13.10 | noarch | libphp5-embed | < 5.5.3+dfsg-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 13.10 | noarch | php5-cgi | < 5.5.3+dfsg-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 13.10 | noarch | php5-common | < 5.5.3+dfsg-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 13.10 | noarch | php5-curl | < 5.5.3+dfsg-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 13.10 | noarch | php5-dbg | < 5.5.3+dfsg-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 13.10 | noarch | php5-dev | < 5.5.3+dfsg-1ubuntu2.2 | UNKNOWN |
| Ubuntu | 13.10 | noarch | php5-enchant | < 5.5.3+dfsg-1ubuntu2.2 | UNKNOWN |
Related
10 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.058 Low
EPSS
Percentile
93.3%