Page 22 of 537 results (0.009 seconds)

CVSS: 9.8EPSS: 3%CPEs: 30EXPL: 1

CVE-2016-4540 – php: OOB read in grapheme_stripos and grapheme_strpos when negative offset is used

https://notcve.org/view.php?id=CVE-2016-4540

The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset. La función grapheme_stripos en ext/intl/grapheme/grapheme_string.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) o posiblemente tener otro impacto no especificado a través de un desplazamiento negativo. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3602 http://www.openwall.com/lists/oss-security/2016/05/05/21 http://www.securityfocus.com/bid/90172 https:/ • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 3%CPEs: 23EXPL: 1

CVE-2016-4342 – php: use of uninitialized pointer in PharFileInfo::getContent

https://notcve.org/view.php?id=CVE-2016-4342

ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive. ext/phar/phar_object.c en PHP en versiones anteriores a 5.5.32, 5.6.x en versiones anteriores a 5.6.18 y 7.x en versiones anteriores a 7.0.3 no maneja correctamente los datos sin comprimir de longitud cero, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de la memoria dinámica) o posiblemente tener otro impacto no especificado a través de un archivo (1) TAR, (2) ZIP o (3) PHAR manipulado. • http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.openwall.com/lists/oss-security/2016/04/28/2 http://www.securityfocus.com/bid/89154 https://bugs.php.net/bug.php?id=71354 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-665: Improper Initialization •

CVSS: 7.5EPSS: 6%CPEs: 2EXPL: 1

CVE-2015-8877 – gd: gdImageScaleTwoPass function in gd_interpolation.c uses inconsistent allocate and free approaches

https://notcve.org/view.php?id=CVE-2015-8877

The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function. La función gdImageScaleTwoPass en gd_interpolation.c en el GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.2.0, como es utilizado en PHP en versiones anteriores a 5.6.12, usa asignaciones inconsistentes y enfoques libres, lo que permite a atacantes remotos provocar una denegación del servicio (consumo de memoria) a través de una llamada manipulada, según lo demostrado mediante una llamada a la función PHP imagescale. • http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3587 http://www.php.net/ChangeLog-5.php http://www.ubuntu.com/usn/USN-2987-1 https://bugs.php.net/bug.php?id=70064 https://github.com/libgd/libgd/commit/4751b606fa38edc456d627140898a7ec679fcc24 https://github.com/libgd/libgd/issues/173 https://access.redhat.com/security/cve/CVE-2015-8877 https://bugzilla.redhat.com/show_bug.cgi?id=1338907 • CWE-399: Resource Management Errors CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 8.8EPSS: 29%CPEs: 4EXPL: 1

CVE-2016-4343 – php: Uninitialized pointer in phar_make_dirstream()

https://notcve.org/view.php?id=CVE-2016-4343

The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service (uninitialized pointer dereference) or possibly have unspecified other impact via a crafted TAR archive. La función phar_make_dirstream en ext/phar/dirstream.c en PHP en versiones anteriores a 5.6.18 y 7.x en versiones anteriores a 7.0.3 no maneja correctamente archivos ././@LongLink de tamaño cero, lo que permite a atacantes remotos provocar una denegación de servicio (referencia a puntero no inicializado) o posiblemente tener otro impacto no especificado a través de un archivo TAR manipulado. • http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.openwall.com/lists/oss-security/2016/04/28/2 http://www.securityfocus.com/bid/89179 https://bugs.php.net/bug.php?id=71331 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDi • CWE-456: Missing Initialization of a Variable CWE-824: Access of Uninitialized Pointer •

CVSS: 9.8EPSS: 1%CPEs: 31EXPL: 1

CVE-2016-4543 – php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input

https://notcve.org/view.php?id=CVE-2016-4543

The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. La función exif_process_IFD_in_JPEG en ext/exif/exif.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 no valida tamaños IFD, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) o posiblemente tener otro impacto no especificado a través de datos de cabecera manipulados. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3602 http://www.openwall.com/lists/oss-security/2016/05/05/21 http://www.securityfocus.com/bid/89844 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •