Search for packages
| purl | pkg:deb/debian/php5@5.3.3-7%2Bsqueeze17 |
| Next non-vulnerable version | 5.6.33+dfsg-0+deb8u1 |
| Latest non-vulnerable version | 5.6.33+dfsg-0+deb8u1 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1252-8g9h-aaae
Aliases: CVE-2016-7414 |
The ZIP signature-verification feature in PHP before 5.6.26 and 7.x before 7.0.11 does not ensure that the uncompressed_filesize field is large enough, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via a crafted PHAR archive, related to ext/phar/util.c and ext/phar/zip.c. |
Affected by 0 other vulnerabilities. |
|
VCID-12qt-uvs5-aaar
Aliases: CVE-2016-4537 |
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call. |
Affected by 0 other vulnerabilities. |
|
VCID-1r2m-8se6-aaaq
Aliases: CVE-2017-11142 |
In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c. |
Affected by 0 other vulnerabilities. |
|
VCID-2tge-77hh-aaaa
Aliases: CVE-2016-9933 |
Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value. |
Affected by 0 other vulnerabilities. |
|
VCID-2uke-xd5u-aaab
Aliases: CVE-2011-1938 |
CVE-2011-1938 php: stack-based buffer overflow in socket_connect() |
Affected by 97 other vulnerabilities. |
|
VCID-2x4r-thvu-aaap
Aliases: CVE-2015-6831 |
Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization. |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-32s8-srh9-aaas
Aliases: CVE-2016-7127 |
The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by providing different signs for the second and third arguments. |
Affected by 0 other vulnerabilities. |
|
VCID-3c18-v2g4-aaaf
Aliases: CVE-2015-2305 |
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. |
Affected by 97 other vulnerabilities. |
|
VCID-3h84-jpyb-aaam
Aliases: CVE-2016-4541 |
The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset. |
Affected by 0 other vulnerabilities. |
|
VCID-3j6s-rced-aaaa
Aliases: CVE-2016-5769 |
Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted length value, related to the (1) mcrypt_generic and (2) mdecrypt_generic functions. |
Affected by 0 other vulnerabilities. |
|
VCID-3jrq-ku7n-aaan
Aliases: CVE-2015-3329 |
CVE-2015-3329 php: buffer overflow in phar_set_inode() |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-3khx-vu3n-aaad
Aliases: CVE-2016-4073 |
Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted mb_strcut call. |
Affected by 0 other vulnerabilities. |
|
VCID-3m4w-fcrw-aaaq
Aliases: CVE-2015-1352 |
CVE-2015-1352 php: NULL pointer dereference in pgsql extension |
Affected by 97 other vulnerabilities. |
|
VCID-4bjr-smu3-aaah
Aliases: CVE-2016-9935 |
The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.29 and 7.x before 7.0.14 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) or possibly have unspecified other impact via an empty boolean element in a wddxPacket XML document. |
Affected by 0 other vulnerabilities. |
|
VCID-4hyb-chh2-aaam
Aliases: CVE-2015-0231 |
CVE-2015-0231 php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142) |
Affected by 97 other vulnerabilities. |
|
VCID-51uc-bzg4-aaag
Aliases: CVE-2016-5095 |
CVE-2016-5095 php: Integer overflow in php_filter_full_special_chars |
Affected by 0 other vulnerabilities. |
|
VCID-59fn-ybff-aaan
Aliases: CVE-2014-3487 |
The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. |
Affected by 97 other vulnerabilities. |
|
VCID-5aug-72yr-aaab
Aliases: CVE-2016-9934 |
ext/wddx/wddx.c in PHP before 5.6.28 and 7.x before 7.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted serialized data in a wddxPacket XML document, as demonstrated by a PDORow string. |
Affected by 0 other vulnerabilities. |
|
VCID-5t8p-jv5n-aaad
Aliases: CVE-2016-7411 |
ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unserialize call that references a partially constructed object. |
Affected by 0 other vulnerabilities. |
|
VCID-5ynh-zkyv-aaas
Aliases: CVE-2015-2331 |
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow. |
Affected by 97 other vulnerabilities. |
|
VCID-6byw-kc7s-aaas
Aliases: CVE-2015-3307 |
CVE-2015-3307 php: invalid pointer free() in phar_tar_process_metadata() |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-6s6r-52vh-aaag
Aliases: CVE-2014-3538 |
file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7345. |
Affected by 97 other vulnerabilities. |
|
VCID-6spz-b8a9-aaaf
Aliases: CVE-2015-6838 |
The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation after the principal argument loop, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6837. |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-71uz-yd7t-aaaq
Aliases: CVE-2016-7132 |
ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a stray element inside a boolean element, leading to incorrect pop processing. |
Affected by 0 other vulnerabilities. |
|
VCID-73j4-s6t8-aaad
Aliases: CVE-2015-6837 |
The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation during initial error checking, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838. |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-82b4-njua-aaab
Aliases: CVE-2017-16642 |
In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this is a different issue than CVE-2017-11145. |
Affected by 0 other vulnerabilities. |
|
VCID-869z-tjdt-aaab
Aliases: CVE-2016-4540 |
The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset. |
Affected by 0 other vulnerabilities. |
|
VCID-8gvv-7agg-aaan
Aliases: CVE-2015-2783 |
CVE-2015-2783 php: buffer over-read in Phar metadata parsing |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-8hz7-hn9j-aaad
Aliases: CVE-2016-5768 |
Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception. |
Affected by 0 other vulnerabilities. |
|
VCID-8mwc-zmcx-aaan
Aliases: CVE-2015-4024 |
CVE-2015-4024 php: multipart/form-data request parsing CPU usage DoS |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-8th8-sv29-aaap
Aliases: CVE-2016-4539 |
The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, leading to a parser level of zero. |
Affected by 0 other vulnerabilities. |
|
VCID-8zga-bqda-aaag
Aliases: CVE-2014-9705 |
CVE-2014-9705 php: heap buffer overflow in enchant_broker_request_dict() |
Affected by 97 other vulnerabilities. Affected by 94 other vulnerabilities. |
|
VCID-9814-7grr-aaas
Aliases: CVE-2016-10160 |
Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch. |
Affected by 0 other vulnerabilities. |
|
VCID-99hm-dy7a-aaac
Aliases: CVE-2016-7417 |
ext/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with SplArray unserialization without validating a return value and data type, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data. |
Affected by 0 other vulnerabilities. |
|
VCID-9rh2-2cx7-aaaa
Aliases: CVE-2014-3478 |
Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion. |
Affected by 97 other vulnerabilities. |
|
VCID-9ua3-3fhw-aaar
Aliases: CVE-2015-5590 |
Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value, as demonstrated by mishandling of an e-mail attachment by the imap PHP extension. |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-a17y-vjjw-aaac
Aliases: CVE-2015-2348 |
CVE-2015-2348 php: move_uploaded_file() NUL byte injection in file name |
Affected by 97 other vulnerabilities. |
|
VCID-a95k-47kr-aaaa
Aliases: CVE-2016-4070 |
** DISPUTED ** Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function. NOTE: the vendor says "Not sure if this qualifies as security issue (probably not)." |
Affected by 0 other vulnerabilities. |
|
VCID-ahs8-uf3f-aaan
Aliases: CVE-2015-6836 |
The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "type confusion" in the serialize_function_call function. |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-amh3-pcw2-aaad
Aliases: CVE-2016-6297 |
Integer overflow in the php_stream_zip_opener function in ext/zip/zip_stream.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted zip:// URL. |
Affected by 0 other vulnerabilities. |
|
VCID-amks-jmag-aaad
Aliases: CVE-2014-9427 |
CVE-2014-9427 php: out of bounds read when parsing a crafted .php file |
Affected by 97 other vulnerabilities. |
|
VCID-b97a-ea3v-aaap
Aliases: CVE-2016-5094 |
CVE-2016-5094 php: Integer overflow in php_html_entities() |
Affected by 0 other vulnerabilities. |
|
VCID-bc7f-sn66-aaas
Aliases: CVE-2015-5589 |
The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted TAR archive that is mishandled in a Phar::convertToData call. |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-bq13-eab4-aaab
Aliases: CVE-2013-4113 |
CVE-2013-4113 php: xml_parse_into_struct buffer overflow when parsing deeply nested XML |
Affected by 97 other vulnerabilities. |
|
VCID-bqhp-8xc5-aaae
Aliases: CVE-2016-5773 |
php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object. |
Affected by 0 other vulnerabilities. |
|
VCID-btp8-hyyg-aaak
Aliases: CVE-2014-0237 |
The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls. |
Affected by 97 other vulnerabilities. |
|
VCID-bu6h-ssxj-aaar
Aliases: CVE-2017-12933 |
The finish_nested_data function in ext/standard/var_unserializer.re in PHP before 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP. |
Affected by 0 other vulnerabilities. |
|
VCID-bxkz-2m5x-aaaj
Aliases: CVE-2014-0185 |
CVE-2014-0185 php: insecure default permissions on the FPM unix socket |
Affected by 97 other vulnerabilities. |
|
VCID-c33h-tsg2-aaad
Aliases: CVE-2014-0238 |
The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long. |
Affected by 97 other vulnerabilities. |
|
VCID-c697-xf6v-aaag
Aliases: CVE-2016-6290 |
ext/session/session.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly maintain a certain hash data structure, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to session deserialization. |
Affected by 0 other vulnerabilities. |
|
VCID-c6xe-427b-aaad
Aliases: CVE-2013-4248 |
CVE-2013-4248 php: hostname check bypassing vulnerability in SSL client |
Affected by 97 other vulnerabilities. |
|
VCID-caje-cus3-aaaa
Aliases: CVE-2014-8142 |
CVE-2014-8142 php: use after free vulnerability in unserialize() |
Affected by 97 other vulnerabilities. |
|
VCID-cavj-1gux-aaab
Aliases: CVE-2014-9652 |
The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file. |
Affected by 97 other vulnerabilities. |
|
VCID-cbsr-a6t4-aaan
Aliases: CVE-2015-4598 |
CVE-2015-4598 php: missing null byte checks for paths in DOM and GD extensions |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-cfmq-47tt-aaaq
Aliases: CVE-2016-4538 |
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call. |
Affected by 0 other vulnerabilities. |
|
VCID-cqj3-udy1-aaad
Aliases: CVE-2014-4049 |
CVE-2014-4049 php: heap-based buffer overflow in DNS TXT record parsing |
Affected by 97 other vulnerabilities. Affected by 94 other vulnerabilities. |
|
VCID-cr4y-qm63-aaaa
Aliases: CVE-2014-3597 |
CVE-2014-3597 php: multiple buffer over-reads in php_parserr |
Affected by 97 other vulnerabilities. |
|
VCID-d8t4-e42z-aaaq
Aliases: CVE-2016-10159 |
Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive. |
Affected by 0 other vulnerabilities. |
|
VCID-db51-2ryw-aaah
Aliases: CVE-2014-3669 |
CVE-2014-3669 php: integer overflow in unserialize() |
Affected by 97 other vulnerabilities. |
|
VCID-ddnb-6axg-aaap
Aliases: CVE-2014-3480 |
The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. |
Affected by 97 other vulnerabilities. |
|
VCID-ddr4-6h3k-aaaa
Aliases: CVE-2015-4022 |
CVE-2015-4022 php: integer overflow leading to heap overflow when reading FTP file listing |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-dk9d-5awh-aaac
Aliases: CVE-2017-11143 |
In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c. |
Affected by 0 other vulnerabilities. |
|
VCID-dzks-xxg9-aaaf
Aliases: CVE-2016-9137 |
Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing. |
Affected by 0 other vulnerabilities. |
|
VCID-e1sr-6mef-aaaj
Aliases: CVE-2014-1943 |
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file. |
Affected by 97 other vulnerabilities. |
|
VCID-e2ge-edan-aaac
Aliases: CVE-2015-2787 |
CVE-2015-2787 php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re |
Affected by 97 other vulnerabilities. |
|
VCID-e3hk-3nez-aaah
Aliases: CVE-2016-4542 |
The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. |
Affected by 0 other vulnerabilities. |
|
VCID-ecaw-9d8w-aaas
Aliases: CVE-2014-4670 |
CVE-2014-4670 php: SPL Iterators use-after-free |
Affected by 97 other vulnerabilities. |
|
VCID-edst-5sbq-aaaq
Aliases: CVE-2015-0232 |
CVE-2015-0232 php: Free called on unitialized pointer in exif.c |
Affected by 97 other vulnerabilities. |
|
VCID-eh77-9yza-aaaq
Aliases: CVE-2015-0273 |
CVE-2015-0273 php: use after free vulnerability in unserialize() with DateTimeZone |
Affected by 97 other vulnerabilities. |
|
VCID-ehry-rcpp-aaab
Aliases: CVE-2016-10161 |
The object_common1 function in ext/standard/var_unserializer.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via crafted serialized data that is mishandled in a finish_nested_data call. |
Affected by 0 other vulnerabilities. |
|
VCID-epm5-9tkf-aaaf
Aliases: CVE-2016-6289 |
Integer overflow in the virtual_file_ex function in TSRM/tsrm_virtual_cwd.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a crafted extract operation on a ZIP archive. |
Affected by 0 other vulnerabilities. |
|
VCID-ez8q-wn5x-aaak
Aliases: CVE-2016-6292 |
The exif_process_user_comment function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted JPEG image. |
Affected by 0 other vulnerabilities. |
|
VCID-faaa-qkj3-aaae
Aliases: CVE-2016-7479 |
In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution. |
Affected by 0 other vulnerabilities. |
|
VCID-fd29-3s7z-aaar
Aliases: DSA-3074-2 php5 |
regression update |
Affected by 97 other vulnerabilities. |
|
VCID-fgpm-vf17-aaad
Aliases: CVE-2016-4544 |
The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. |
Affected by 0 other vulnerabilities. |
|
VCID-g3nd-5q64-aaas
Aliases: CVE-2016-6291 |
The exif_process_IFD_in_MAKERNOTE function in ext/exif/exif.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds array access and memory corruption), obtain sensitive information from process memory, or possibly have unspecified other impact via a crafted JPEG image. |
Affected by 0 other vulnerabilities. |
|
VCID-ga1y-kh3b-aaan
Aliases: CVE-2015-7804 |
CVE-2015-7804 php: uninitialized pointer in phar_make_dirstream() |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-gpu8-tehr-aaar
Aliases: CVE-2015-4021 |
CVE-2015-4021 php: memory corruption in phar_parse_tarfile caused by empty entry file name |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-gyc3-5a8r-aaar
Aliases: CVE-2015-4026 |
CVE-2015-4026 php: pcntl_exec() accepts paths with NUL character |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-hcqt-5qmr-aaaj
Aliases: CVE-2016-7125 |
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by object injection. |
Affected by 0 other vulnerabilities. |
|
VCID-hfdj-rr97-aaag
Aliases: CVE-2013-6420 |
CVE-2013-6420 php: memory corruption in openssl_x509_parse() |
Affected by 97 other vulnerabilities. |
|
VCID-hrh1-34bm-aaaq
Aliases: CVE-2016-9138 |
PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::__toString with DateInterval::__wakeup. |
Affected by 0 other vulnerabilities. |
|
VCID-huby-p431-aaap
Aliases: CVE-2018-5711 |
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx. |
Affected by 0 other vulnerabilities. |
|
VCID-j3ys-6mb8-aaas
Aliases: CVE-2015-4644 |
CVE-2015-4644 php: NULL pointer dereference in php_pgsql_meta_data() |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-j8qb-f87m-aaaf
Aliases: CVE-2013-7345 |
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters. |
Affected by 97 other vulnerabilities. |
|
VCID-jhah-ksvx-aaag
Aliases: CVE-2015-2301 |
CVE-2015-2301 php: use after free in phar_object.c |
Affected by 97 other vulnerabilities. |
|
VCID-jp2a-f69z-aaaj
Aliases: CVE-2016-7129 |
The php_wddx_process_data function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddx_deserialize call that mishandles a dateTime element in a wddxPacket XML document. |
Affected by 0 other vulnerabilities. |
|
VCID-jxwt-uhqc-aaag
Aliases: CVE-2016-7413 |
Use-after-free vulnerability in the wddx_stack_destroy function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a wddxPacket XML document that lacks an end-tag for a recordset field element, leading to mishandling in a wddx_deserialize call. |
Affected by 0 other vulnerabilities. |
|
VCID-kg2b-vx21-aaas
Aliases: CVE-2016-5772 |
Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call. |
Affected by 0 other vulnerabilities. |
|
VCID-khng-y4t1-aaaa
Aliases: CVE-2017-11145 |
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, an error in the date extension's timelib_meridian parsing code could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: the correct fix is in the e8b7698f5ee757ce2c8bd10a192a491a498f891c commit, not the bd77ac90d3bdf31ce2a5251ad92e9e75 gist. |
Affected by 0 other vulnerabilities. |
|
VCID-ks9b-8sm9-aaaa
Aliases: CVE-2014-3710 |
The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file. |
Affected by 97 other vulnerabilities. |
|
VCID-kthc-z751-aaab
Aliases: CVE-2014-3515 |
CVE-2014-3515 php: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw |
Affected by 97 other vulnerabilities. |
|
VCID-ktvt-pjew-aaad
Aliases: CVE-2016-6295 |
ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via crafted serialized data, a related issue to CVE-2016-5773. |
Affected by 0 other vulnerabilities. |
|
VCID-m32n-gcgz-aaah
Aliases: CVE-2014-3670 |
CVE-2014-3670 php: heap corruption issue in exif_thumbnail() |
Affected by 97 other vulnerabilities. |
|
VCID-mkbd-9asr-aaah
Aliases: CVE-2015-4643 |
CVE-2015-4643 php: integer overflow in ftp_genlist() resulting in heap overflow (improved fix for CVE-2015-4022) |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-mwev-5h1b-aaaj
Aliases: CVE-2015-7803 |
CVE-2015-7803 php: NULL pointer dereference in phar_get_fp_offset() |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-mxvs-xu78-aaab
Aliases: CVE-2014-3479 |
The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file. |
Affected by 97 other vulnerabilities. |
|
VCID-n41v-u4d9-aaah
Aliases: CVE-2016-5771 |
spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data. |
Affected by 0 other vulnerabilities. |
|
VCID-nadp-q9zr-aaah
Aliases: CVE-2016-7124 |
ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call. |
Affected by 0 other vulnerabilities. |
|
VCID-ndbp-jqz1-aaap
Aliases: CVE-2016-5770 |
Integer overflow in the SplFileObject::fread function in spl_directory.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer argument, a related issue to CVE-2016-5096. |
Affected by 0 other vulnerabilities. |
|
VCID-p4jm-wupx-aaaf
Aliases: CVE-2016-5096 |
CVE-2016-5096 php: Integer underflow causing arbitrary null write in fread/gzread |
Affected by 0 other vulnerabilities. |
|
VCID-pmr1-6a2w-aaag
Aliases: CVE-2014-0207 |
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file. |
Affected by 97 other vulnerabilities. Affected by 94 other vulnerabilities. |
|
VCID-pw49-d9aa-aaac
Aliases: CVE-2016-5093 |
The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call. |
Affected by 0 other vulnerabilities. |
|
VCID-q2vs-jf13-aaam
Aliases: CVE-2016-5385 GHSA-m6ch-gg5f-wxx3 |
HTTP Proxy header vulnerability |
Affected by 0 other vulnerabilities. |
|
VCID-qfm8-jewu-aaap
Aliases: CVE-2016-7130 |
The php_wddx_pop_element function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via an invalid base64 binary value, as demonstrated by a wddx_deserialize call that mishandles a binary element in a wddxPacket XML document. |
Affected by 0 other vulnerabilities. |
|
VCID-qg18-gtx4-aaaq
Aliases: CVE-2015-6833 |
Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call. |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-qjdp-hhy5-aaar
Aliases: DSA-3126-1 php5 |
security update |
Affected by 97 other vulnerabilities. |
|
VCID-qkeq-r2zg-aaak
Aliases: CVE-2016-7126 |
The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service (select_colors allocation error and out-of-bounds write) or possibly have unspecified other impact via a large value in the third argument. |
Affected by 0 other vulnerabilities. |
|
VCID-qqbe-zhze-aaar
Aliases: CVE-2017-11144 |
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of the PHP interpreter, related to an interpretation conflict for a negative number in ext/openssl/openssl.c, and an OpenSSL documentation omission. |
Affected by 0 other vulnerabilities. |
|
VCID-r27c-71jx-aaar
Aliases: CVE-2015-6835 |
The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted session content. |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-rkey-bq9k-aaab
Aliases: CVE-2016-4071 |
Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call. |
Affected by 0 other vulnerabilities. |
|
VCID-rn5n-h3v5-aaab
Aliases: CVE-2013-7456 |
gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function. |
Affected by 0 other vulnerabilities. |
|
VCID-rz4j-9nvp-aaaq
Aliases: CVE-2016-10158 |
The exif_convert_any_to_int function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (application crash) via crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1. |
Affected by 0 other vulnerabilities. |
|
VCID-s7bp-2h8v-aaah
Aliases: CVE-2014-3587 |
Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571. |
Affected by 97 other vulnerabilities. |
|
VCID-s9m1-697s-aaam
Aliases: CVE-2016-5399 |
The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted bz2 archive. |
Affected by 0 other vulnerabilities. |
|
VCID-scjc-2pkm-aaan
Aliases: CVE-2014-2270 |
softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable. |
Affected by 97 other vulnerabilities. |
|
VCID-shyf-r48n-aaac
Aliases: CVE-2016-3074 |
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow. |
Affected by 0 other vulnerabilities. |
|
VCID-swat-ndf2-aaab
Aliases: CVE-2017-11628 |
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input (instead of the system's php.ini file) for the parse_ini_string or parse_ini_file function, e.g., a web application for syntax validation of php.ini directives. |
Affected by 0 other vulnerabilities. |
|
VCID-t4ck-5p4y-aaah
Aliases: CVE-2016-7131 |
ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly have unspecified other impact via a malformed wddxPacket XML document that is mishandled in a wddx_deserialize call, as demonstrated by a tag that lacks a < (less than) character. |
Affected by 0 other vulnerabilities. |
|
VCID-t687-wt36-aaak
Aliases: CVE-2014-8117 |
softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors. |
Affected by 97 other vulnerabilities. |
|
VCID-uk9b-bduf-aaas
Aliases: CVE-2016-7478 |
Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876. |
Affected by 0 other vulnerabilities. |
|
VCID-uzjm-61qc-aaap
Aliases: CVE-2015-6834 |
Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization. |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-v3j4-61jp-aaaf
Aliases: CVE-2012-2386 |
CVE-2012-2386 php: Integer overflow leading to heap-buffer overflow in the Phar extension |
Affected by 97 other vulnerabilities. |
|
VCID-v51t-9vvq-aaah
Aliases: CVE-2018-5712 |
An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file. |
Affected by 0 other vulnerabilities. |
|
VCID-va4q-zdk5-aaaq
Aliases: CVE-2016-7128 |
The exif_process_IFD_in_TIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain sensitive information from process memory via a crafted TIFF image. |
Affected by 0 other vulnerabilities. |
|
VCID-vche-tfhc-aaas
Aliases: CVE-2016-7418 |
The php_wddx_push_element function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service (invalid pointer access and out-of-bounds read) or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call. |
Affected by 0 other vulnerabilities. |
|
VCID-vfx4-nwys-aaaq
Aliases: DSA-3198-2 php5 |
regression update |
Affected by 97 other vulnerabilities. |
|
VCID-vpd4-cnm8-aaak
Aliases: CVE-2016-7412 |
ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted field metadata. |
Affected by 0 other vulnerabilities. |
|
VCID-vqw1-fjuz-aaap
Aliases: CVE-2016-6296 |
Integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi through 0.54.2, as used in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a long first argument to the PHP xmlrpc_encode_request function. |
Affected by 0 other vulnerabilities. |
|
VCID-vzen-867m-aaar
Aliases: CVE-2014-4721 |
CVE-2014-4721 php: type confusion issue in phpinfo() leading to information leak |
Affected by 97 other vulnerabilities. |
|
VCID-w58a-861z-aaap
Aliases: CVE-2014-3668 |
CVE-2014-3668 php: xmlrpc ISO8601 date format parsing out-of-bounds read in mkgmtime() |
Affected by 97 other vulnerabilities. |
|
VCID-wxfn-yzjg-aaan
Aliases: CVE-2013-6712 |
CVE-2013-6712 php: heap-based buffer over-read in DateInterval |
Affected by 97 other vulnerabilities. |
|
VCID-xb1g-7p1v-aaab
Aliases: CVE-2016-7416 |
ext/intl/msgformat/msgformat_format.c in PHP before 5.6.26 and 7.x before 7.0.11 does not properly restrict the locale length provided to the Locale class in the ICU library, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a MessageFormatter::formatMessage call with a long first argument. |
Affected by 0 other vulnerabilities. |
|
VCID-xhsd-e5h5-aaaj
Aliases: CVE-2016-4543 |
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. |
Affected by 0 other vulnerabilities. |
|
VCID-xyng-4f4c-aaaa
Aliases: CVE-2015-4025 |
CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+ |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-ywgx-fd6w-aaam
Aliases: CVE-2015-3330 |
CVE-2015-3330 php: pipelined request executed in deinitialized interpreter under httpd 2.4 |
Affected by 97 other vulnerabilities. |
|
VCID-yzk2-j6nx-aaaq
Aliases: CVE-2015-8865 |
The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service (buffer overflow and application crash) or possibly execute arbitrary code via a crafted magic file. |
Affected by 0 other vulnerabilities. |
|
VCID-z7nu-15rh-aaas
Aliases: CVE-2016-4072 |
The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via a crafted filename, as demonstrated by mishandling of \0 characters by the phar_analyze_path function in ext/phar/phar.c. |
Affected by 0 other vulnerabilities. |
|
VCID-zxs3-pfnb-aaan
Aliases: CVE-2016-6294 |
The locale_accept_from_http function in ext/intl/locale/locale_methods.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument. |
Affected by 0 other vulnerabilities. |
|
VCID-zzgn-q57z-aaac
Aliases: CVE-2015-6832 |
Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to execute arbitrary code via crafted serialized data that triggers misuse of an array field. |
Affected by 97 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||