CVSS: 9.8EPSS: 1%CPEs: 40EXPL: 1CVE-2016-6295 – php: Use after free in SNMP with GC and unserialize()
https://notcve.org/view.php?id=CVE-2016-6295
25 Jul 2016 — ext/snmp/snmp.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via crafted serialized data, a related issue to CVE-2016-5773. ext/snmp/snmp.c en PHP en versiones anteriores a 5.5.38, 5.6.x en versiones anteriores a 5.6.24 y 7.x en versiones anteriores a 7.0.9 no interactúa ... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=cab1c3b3708eead315e033359d07049b23b147a3 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 40EXPL: 1CVE-2016-6294 – php: Out-of-bounds access in locale_accept_from_http
https://notcve.org/view.php?id=CVE-2016-6294
25 Jul 2016 — The locale_accept_from_http function in ext/intl/locale/locale_methods.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 does not properly restrict calls to the ICU uloc_acceptLanguageFromHTTP function, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long argument. La función locale_accept_from_http en ext/intl/locale/locale_methods.c en PHP en versiones anteriores a 5.5.38, 5.6.x en versiones anterio... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 1%CPEs: 6EXPL: 0CVE-2016-6207 – php,gd: Integer overflow error within _gdContributionsAlloc()
https://notcve.org/view.php?id=CVE-2016-6207
22 Jul 2016 — Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors. Desbordamiento de entero en la función _gdContributionsAlloc en gd_interpolation.c en GD Graphics Library (también conocida como libgd) en versiones anteriores a 2.2.3 permite a atacantes remotos causar una denegación de servicio (escritura de memoria fuera ... • http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 13%CPEs: 3EXPL: 6CVE-2016-5399 – PHP 5.5.37/5.6.23/7.0.8 - 'bzread()' Out-of-Bounds Write
https://notcve.org/view.php?id=CVE-2016-5399
21 Jul 2016 — The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted bz2 archive. La función bzread en ext/bz2/bz2.c en PHP en versiones anteriores a 5.5.38, 5.6.x en versiones anteriores a 5.6.24, y 7.x en versiones anteriores a 7.0.9 permite a atacantes remotos provocar una denegación de servicio (escritura fuera de limites) o ejecutar código arbitrario a travé... • https://packetstorm.news/files/id/137998 • CWE-390: Detection of Error Condition Without Action CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 94%CPEs: 21EXPL: 0CVE-2016-5385 – PHP: sets environmental variable based on user supplied Proxy request header
https://notcve.org/view.php?id=CVE-2016-5385
19 Jul 2016 — PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issu... • http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html • CWE-20: Improper Input Validation CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.5EPSS: 3%CPEs: 9EXPL: 0CVE-2016-6128 – gd: Invalid color index not properly handled
https://notcve.org/view.php?id=CVE-2016-6128
11 Jul 2016 — The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index. La función gdImageCropThreshold en gd_crop.c en la GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.2.3, como se utiliza en PHP en versiones anteriores a 7.0.9, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a trav... • http://lists.opensuse.org/opensuse-updates/2016-08/msg00086.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 11%CPEs: 62EXPL: 2CVE-2016-5766 – gd: Integer overflow in _gd2GetHeader() resulting in heap overflow
https://notcve.org/view.php?id=CVE-2016-5766
26 Jun 2016 — Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image. Desbordamiento de entero en la función _gd2GetHeader en gd_gd2.c en la GD Graphics Library (también conocido como libgd) en versiones anter... • http://github.com/php/php-src/commit/7722455726bec8c53458a32851d2a87982cf0eac?w=1 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 1CVE-2016-5771 – php: Use After Free Vulnerability in PHP's GC algorithm and unserialize
https://notcve.org/view.php?id=CVE-2016-5771
26 Jun 2016 — spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data. spl_array.c en la extension SPL en PHP en versiones anteriores a 5.5.37 y 5.6.x en versiones anteriores a 5.6.23 interactúa incorrectamente con la implementación no serializada y la recolección de bas... • http://github.com/php/php-src/commit/3f627e580acfdaf0595ae3b115b8bec677f203ee?w=1 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 4%CPEs: 41EXPL: 0CVE-2016-5767 – gd: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
https://notcve.org/view.php?id=CVE-2016-5767
26 Jun 2016 — Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions. Desbordamiento de entero en la función gdImageCreate en gd.c en la GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.0.34... • http://github.com/php/php-src/commit/c395c6e5d7e8df37a21265ff76e48fe75ceb5ae6?w=1 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 7%CPEs: 41EXPL: 1CVE-2016-5773 – php: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
https://notcve.org/view.php?id=CVE-2016-5773
26 Jun 2016 — php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object. php_zip.c en la extension zip en PHP en versiones anteriores a 5.5.37, 5.6.x en versiones anteriores a 5.6.23 y 7.x en versiones anteriores 7.0.8 intera... • http://github.com/php/php-src/commit/f6aef68089221c5ea047d4a74224ee3deead99a6?w=1 • CWE-416: Use After Free •