CVSS: 9.8EPSS: 6%CPEs: 31EXPL: 1CVE-2016-4543 – php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input
https://notcve.org/view.php?id=CVE-2016-4543
22 May 2016 — The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. La función exif_process_IFD_in_JPEG en ext/exif/exif.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 no valida tamaños IFD, lo que permite a at... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 16%CPEs: 6EXPL: 0CVE-2015-8867 – php: openssl_random_pseudo_bytes() is not cryptographically secure
https://notcve.org/view.php?id=CVE-2015-8867
22 May 2016 — The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. La función openssl_random_pseudo_bytes en ext/openssl/openssl.c en PHP en versiones anteriores a 5.4.44, 5.5.x en versiones anteriores a 5.5.28 y 5.6.x en versiones anteriores a 5.6.12 se basa incorre... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=16023f3e3b9c06cf677c3c980e8d574e4c162827 • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 4%CPEs: 30EXPL: 1CVE-2016-4540 – php: OOB read in grapheme_stripos and grapheme_strpos when negative offset is used
https://notcve.org/view.php?id=CVE-2016-4540
22 May 2016 — The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset. La función grapheme_stripos en ext/intl/grapheme/grapheme_string.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 permite a atacantes remotos provocar una denegación de ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 30EXPL: 1CVE-2016-4542 – php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input
https://notcve.org/view.php?id=CVE-2016-4542
22 May 2016 — The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. La función exif_process_IFD_TAG en ext/exif/exif.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 no construye adecuadamente argu... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2015-8878
https://notcve.org/view.php?id=CVE-2015-8878
22 May 2016 — main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread safety, which allows remote attackers to cause a denial of service (race condition and heap memory corruption) by leveraging an application that performs many temporary-file accesses. main/php_open_temporary_file.c en versiones anteriores a 5.5.28 y 5.6.x en versiones anteriores a 5.6.12 no asegura la protección contra amenazas, lo que permite a atacantes remotos provocar una denegación del servicio (condición... • http://www.php.net/ChangeLog-5.php • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 1CVE-2015-8879 – php: odbc_bindcols function mishandles driver behavior for SQL_WVARCHAR columns
https://notcve.org/view.php?id=CVE-2015-8879
22 May 2016 — The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table. La función odbc_bindcols en ext/odbc/php_odbc.c en PHP en versiones anteriores a 5.6.12 no maneja correctamente el comportamiento del controlador para columnas SQL_WVARCHA... • http://rhn.redhat.com/errata/RHSA-2016-2750.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 30EXPL: 1CVE-2016-4541 – php: OOB read in grapheme_stripos and grapheme_strpos when negative offset is used
https://notcve.org/view.php?id=CVE-2016-4541
22 May 2016 — The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset. La función grapheme_strpos en ext/intl/grapheme/grapheme_string.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 permite a atacantes remotos provocar una denegación de se... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 5%CPEs: 7EXPL: 1CVE-2016-4544 – php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input
https://notcve.org/view.php?id=CVE-2016-4544
22 May 2016 — The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. La función exif_process_TIFF_in_JPEG en ext/exif/exif.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 no valida los datos de inicio TIFF... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 1CVE-2015-8877 – gd: gdImageScaleTwoPass function in gd_interpolation.c uses inconsistent allocate and free approaches
https://notcve.org/view.php?id=CVE-2015-8877
22 May 2016 — The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function. La función gdImageScaleTwoPass en gd_interpolation.c en el GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.2.0, como es utilizado en PHP e... • http://rhn.redhat.com/errata/RHSA-2016-2750.html • CWE-399: Resource Management Errors CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 9.8EPSS: 3%CPEs: 30EXPL: 1CVE-2016-4537 – php: bcpowmod accepts negative scale causing heap buffer overflow corrupting _one_ definition
https://notcve.org/view.php?id=CVE-2016-4537
22 May 2016 — The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call. La función bcpowmod en ext/bcmath/bcmath.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 acepta un entero negativo para el argumento escala, lo que permite a a... • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow •