CVSS: 7.5EPSS: 6%CPEs: 2EXPL: 1CVE-2015-8877 – gd: gdImageScaleTwoPass function in gd_interpolation.c uses inconsistent allocate and free approaches
https://notcve.org/view.php?id=CVE-2015-8877
22 May 2016 — The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function. La función gdImageScaleTwoPass en gd_interpolation.c en el GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.2.0, como es utilizado en PHP e... • http://rhn.redhat.com/errata/RHSA-2016-2750.html • CWE-399: Resource Management Errors CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 9.8EPSS: 3%CPEs: 30EXPL: 1CVE-2016-4537 – php: bcpowmod accepts negative scale causing heap buffer overflow corrupting _one_ definition
https://notcve.org/view.php?id=CVE-2016-4537
22 May 2016 — The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call. La función bcpowmod en ext/bcmath/bcmath.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 acepta un entero negativo para el argumento escala, lo que permite a a... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 3%CPEs: 4EXPL: 1CVE-2016-4343 – php: Uninitialized pointer in phar_make_dirstream()
https://notcve.org/view.php?id=CVE-2016-4343
22 May 2016 — The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archive. La función phar_make_dirstream en ext/phar/dirstream.c en PHP en versiones anteriores a 5.6.18 y 7.x en versiones anteriores a 7.0.3 no maneja correctamente archivos ././@LongLink de tamaño cero, lo que perm... • http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html • CWE-456: Missing Initialization of a Variable CWE-824: Access of Uninitialized Pointer •
CVSS: 9.8EPSS: 3%CPEs: 30EXPL: 1CVE-2016-4538 – php: bcpowmod accepts negative scale causing heap buffer overflow corrupting _one_ definition
https://notcve.org/view.php?id=CVE-2016-4538
22 May 2016 — The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call. La función bcpowmod en ext/bcmath/bcmath.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 4%CPEs: 23EXPL: 1CVE-2016-4342 – php: use of uninitialized pointer in PharFileInfo::getContent
https://notcve.org/view.php?id=CVE-2016-4342
22 May 2016 — ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive. ext/phar/phar_object.c en PHP en versiones anteriores a 5.5.32, 5.6.x en versiones anteriores a 5.6.18 y 7.x en versiones anteriores a 7.0.3 no maneja correctamente los datos sin comprimir de longitud cer... • http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-665: Improper Initialization •
CVSS: 9.8EPSS: 3%CPEs: 30EXPL: 1CVE-2016-4539 – php: xml_parse_into_struct() can crash when XML parser is re-used
https://notcve.org/view.php?id=CVE-2016-4539
22 May 2016 — The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, leading to a parser level of zero. La función xml_parse_into_struct en ext/xml/xml.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 permite a ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 4%CPEs: 30EXPL: 1CVE-2016-4542 – php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input
https://notcve.org/view.php?id=CVE-2016-4542
22 May 2016 — The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. La función exif_process_IFD_TAG en ext/exif/exif.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 no construye adecuadamente argu... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 31EXPL: 1CVE-2016-4543 – php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input
https://notcve.org/view.php?id=CVE-2016-4543
22 May 2016 — The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. La función exif_process_IFD_in_JPEG en ext/exif/exif.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 no valida tamaños IFD, lo que permite a at... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 1CVE-2015-8873 – php: Stack consumption vulnerability in Zend/zend_exceptions.c
https://notcve.org/view.php?id=CVE-2015-8873
16 May 2016 — Stack consumption vulnerability in Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to cause a denial of service (segmentation fault) via recursive method calls. Vulnerabilidad de consumo de pila en Zend/zend_exceptions.c en PHP en versiones anteriores a 5.4.44, 5.5.x en versiones anteriores a 5.5.28 y 5.6.x en versiones anteriores a 5.6.12 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación) a través de llam... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=4d2278143a08b7522de9471d0f014d7357c28fea • CWE-20: Improper Input Validation CWE-674: Uncontrolled Recursion •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0236
https://notcve.org/view.php?id=CVE-2014-0236
16 May 2016 — file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to cdf.c and readcdf.c. file en versiones anteriores a 5.18, tal como se utiliza en el componente Fileinfo en PHP en versiones anteriores a 5.6.0, permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULO y caída de aplicación) a través de un valor ro... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f3f22ff5c697aef854ffc1918bce708b37481b0f •