CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 0CVE-2016-10160 – php: Off-by-one error in phar_parse_pharfile when loading crafted phar archive
https://notcve.org/view.php?id=CVE-2016-10160
24 Jan 2017 — Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch. Error por un paso en la función phar_parse_pharfile en ext/phar/phar.c en PHP en versiones anteriores a 5.6.30 y 7.0.x en versiones anteriores a 7.0.15 permite a atacantes remotos provocar una denegación de servicio (corrupción de memor... • http://php.net/ChangeLog-5.php • CWE-193: Off-by-one Error •
CVSS: 7.5EPSS: 5%CPEs: 17EXPL: 0CVE-2016-10158 – php: Wrong calculation in exif_convert_any_to_int function
https://notcve.org/view.php?id=CVE-2016-10158
24 Jan 2017 — The exif_convert_any_to_int function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (application crash) via crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1. La función exif_convert_any_to_int en ext/exif/exif.c en PHP en versiones anteriores a 5.6.30, 7.0.x en versiones anteriores a 7.0.15, y 7.1.x en versiones anteriores a 7.1.1 permite a atacantes remotos provoca... • http://php.net/ChangeLog-5.php • CWE-189: Numeric Errors CWE-682: Incorrect Calculation •
CVSS: 9.8EPSS: 1%CPEs: 15EXPL: 1CVE-2016-7479 – php: Use-after-free vulnerability when resizing the 'properties' hash table of a serialized object
https://notcve.org/view.php?id=CVE-2016-7479
12 Jan 2017 — In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution. En todas las versiones de PHP 7, durante el proceso no serializado, redimensionando las "propiedades" de la tabla hash de un objeto serializado puede conducir a un uso después de liberación de memoria. Un atacante remoto puede explotar este error para obtener ejecución de código arbitrari... • http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2016-7480
https://notcve.org/view.php?id=CVE-2016-7480
11 Jan 2017 — The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data. La implementación no serializable SplObjectStorage en ext/spl/spl_observer.c en PHP en versiones anteriores a 7.0.12 no verifica que una clave sea un objeto, lo que permite a atacantes remotos ejecutar código arbitrario o provocar u... • http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 9%CPEs: 202EXPL: 1CVE-2016-7478 – Ubuntu Security Notice USN-3196-1
https://notcve.org/view.php?id=CVE-2016-7478
11 Jan 2017 — Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876. cccZend/zend_exceptions.c en PHP, posiblemente en 5.x en versiones anteriores a 5.6.28 y 7.x en versiones anteriores a 7.0.13, permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de un objeto Exception manipulado en datos serializados, un ... • http://blog.checkpoint.com/2016/12/27/check-point-discovers-three-zero-day-vulnerabilities-web-programming-language-php-7 •
CVSS: 9.8EPSS: 39%CPEs: 3EXPL: 1CVE-2017-5340 – php: Use of uninitialized memory in unserialize()
https://notcve.org/view.php?id=CVE-2017-5340
11 Jan 2017 — Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data. Zend/zend_hash.c en PHP en versiones anteriores a 7.0.15 y 7.1.x en versiones anteriores a 7.1.1 no maneja adecuadamente ciertos casos que requieren asignaciones de array gran... • http://www.securityfocus.com/bid/95371 • CWE-190: Integer Overflow or Wraparound CWE-456: Missing Initialization of a Variable •
CVSS: 9.8EPSS: 1%CPEs: 62EXPL: 0CVE-2014-9912 – Ubuntu Security Notice USN-3196-1
https://notcve.org/view.php?id=CVE-2014-9912
04 Jan 2017 — The get_icu_disp_value_src_php function in ext/intl/locale/locale_methods.c in PHP before 5.3.29, 5.4.x before 5.4.30, and 5.5.x before 5.5.14 does not properly restrict calls to the ICU uresbund.cpp component, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a locale_get_display_name call with a long first argument. La función get_icu_disp_value_src_php en ext/intl/locale/locale_methods.c en PHP en versiones anteriores a 5.3.29, 5.4.... • http://www.openwall.com/lists/oss-security/2016/11/25/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 14EXPL: 0CVE-2016-9138
https://notcve.org/view.php?id=CVE-2016-9138
04 Jan 2017 — PHP through 5.6.27 and 7.x through 7.0.12 mishandles property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::__toString with DateInterval::__wakeup. PHP hasta la versión 5.6.27 y 7.x hasta la versión 7.0.12 no maneja adecuadamente la modificación de propiedades durante el procesamiento de __wakeup, lo que permite a atacantes remotos provocar una denegación... • http://www.openwall.com/lists/oss-security/2016/11/01/2 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 13EXPL: 1CVE-2016-9137 – Ubuntu Security Notice USN-3196-1
https://notcve.org/view.php?id=CVE-2016-9137
04 Jan 2017 — Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wakeup processing. Vulnerabilidad de uso después de liberación de memoria en la implementación de CURLFile en ext/curl/curl_file.c en PHP en versiones anteriores a 5.6.27 y 7.x en versiones anteriores a 7.0.12 permite a atacantes remo... • http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=0e6fe3a4c96be2d3e88389a5776f878021b4c59f • CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 14EXPL: 1CVE-2016-9936 – php: Use After Free in unserialize()
https://notcve.org/view.php?id=CVE-2016-9936
04 Jan 2017 — The unserialize implementation in ext/standard/var.c in PHP 7.x before 7.0.14 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted serialized data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6834. La implementación no serializada en ext/standard/var.c en PHP 7.x en versiones anteriores a 7.0.14 permite a atacantes remotos provocar una denegación de servicio (uso después de liberación) o posiblemente tener o... • http://lists.opensuse.org/opensuse-updates/2017-01/msg00034.html • CWE-416: Use After Free •