Page 22 of 140 results (0.008 seconds)

CVSS: 8.6EPSS: 2%CPEs: 38EXPL: 1

CVE-2016-5093 – php: improper nul termination leading to out-of-bounds read in get_icu_value_internal

https://notcve.org/view.php?id=CVE-2016-5093

The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call. La función get_icu_value_internal en ext/intl/locale/locale_methods.c en PHP en versiones anteriores a 5.5.36, 5.6.x en versiones anteriores a 5.6.22 y 7.x en versiones anteriores a 7.0.7 no asegura la presencia de un carácter '\0', lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a través de una llamada locale_get_primary_language manipulada. • http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3602 http://www.openwall.com/lists/oss-security/2016/05/26/3 http://www.securityfocus.com/bid/90946 https://bugs.php.net/bug.php?id=72241 https://github.com/php/php-src/commit/97eff7eb57fc2320c267a949cffd622c38712484?w=1 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 https&# • CWE-125: Out-of-bounds Read CWE-170: Improper Null Termination •

CVSS: 8.6EPSS: 4%CPEs: 31EXPL: 0

CVE-2016-5094 – php: Integer overflow in php_html_entities()

https://notcve.org/view.php?id=CVE-2016-5094

Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function. Desbordamiento de entero en la función php_html_entities en ext/standard/html.c en PHP en versiones anteriores a 5.5.36 y 5.6.x en versiones anteriores a 5.6.22 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado desencadenando una cadena de salida grande de la función htmlspecialchars. • http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3602 http://www.openwall.com/lists/oss-security/2016/05/26/3 http://www.securityfocus.com/bid/90857 https://bugs.php.net/bug.php?id=72135 https://github.com/php/php-src/commit/0da8b8b801f9276359262f1ef8274c7812d3dfda?w=1 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 https://access.redhat.com/security/cve&#x • CWE-190: Integer Overflow or Wraparound •

CVSS: 8.6EPSS: 6%CPEs: 31EXPL: 1

CVE-2016-5096 – php: Integer underflow causing arbitrary null write in fread/gzread

https://notcve.org/view.php?id=CVE-2016-5096

Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument. Desbordamiento de entero en la función fread en ext/standard/file.c en PHP en versiones anteriores a 5.5.36 y 5.6.x en versiones anteriores a 5.6.22 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un entero grande en el segundo argumento. • http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3602 http://www.openwall.com/lists/oss-security/2016/05/26/3 http://www.securityfocus.com/bid/90861 https://bugs.php.net/bug.php?id=72114 https://github.com/php/php-src/commit/abd159cce48f3e34f08e4751c568e09677d5ec9c?w=1 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 https://access.redhat.com/security/cve&#x • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.6EPSS: 2%CPEs: 39EXPL: 1

CVE-2013-7456 – gd: incorrect boundary adjustment in _gdContributionsCalc

https://notcve.org/view.php?id=CVE-2013-7456

gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function. gd_interpolation.c en la GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.1.1, tal como se usa en PHP en versiones anteriores 5.5.36, 5.6.x en versiones anteriores 5.6.22 y 7.x en versiones anteriores 7.0.7, permite a atacantes remotos provocar una denegación de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a través de una imagen manipulada que no es manejada adecuadamente por la función imagescale. • http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3587 http://www.debian.org/security/2016/dsa-3602 http://www.openwall.com/lists/oss-security/2016/05/26/3 http://www.securityfocus.com/bid/90859 http://www.ubuntu.com/usn/USN-3030-1 https://bugs.php.net/bug.php?id=72227 https://github.com/libgd/libgd/commit/4f65a3e4eedaffa1efcf9ee1eb08f0b504fbc31a https:/& • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 3%CPEs: 23EXPL: 1

CVE-2016-4342 – php: use of uninitialized pointer in PharFileInfo::getContent

https://notcve.org/view.php?id=CVE-2016-4342

ext/phar/phar_object.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive. ext/phar/phar_object.c en PHP en versiones anteriores a 5.5.32, 5.6.x en versiones anteriores a 5.6.18 y 7.x en versiones anteriores a 7.0.3 no maneja correctamente los datos sin comprimir de longitud cero, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de la memoria dinámica) o posiblemente tener otro impacto no especificado a través de un archivo (1) TAR, (2) ZIP o (3) PHAR manipulado. • http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.openwall.com/lists/oss-security/2016/04/28/2 http://www.securityfocus.com/bid/89154 https://bugs.php.net/bug.php?id=71354 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-665: Improper Initialization •