CVSS: 9.8EPSS: 3%CPEs: 30EXPL: 1CVE-2016-4540 – php: OOB read in grapheme_stripos and grapheme_strpos when negative offset is used
https://notcve.org/view.php?id=CVE-2016-4540
The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset. La función grapheme_stripos en ext/intl/grapheme/grapheme_string.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) o posiblemente tener otro impacto no especificado a través de un desplazamiento negativo. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3602 http://www.openwall.com/lists/oss-security/2016/05/05/21 http://www.securityfocus.com/bid/90172 https:/ • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 3%CPEs: 30EXPL: 1CVE-2016-4541 – php: OOB read in grapheme_stripos and grapheme_strpos when negative offset is used
https://notcve.org/view.php?id=CVE-2016-4541
The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset. La función grapheme_strpos en ext/intl/grapheme/grapheme_string.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a través de un desplazamiento negativo. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3602 http://www.openwall.com/lists/oss-security/2016/05/05/21 http://www.securityfocus.com/bid/90172 https:/ • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 3%CPEs: 30EXPL: 1CVE-2016-4542 – php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input
https://notcve.org/view.php?id=CVE-2016-4542
The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. La función exif_process_IFD_TAG en ext/exif/exif.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 no construye adecuadamente argumentos spprintf, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) o posiblemente tener otro impacto no especificado a través de datos de cabecera manipulados. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3602 http://www.openwall.com/lists/oss-security/2016/05/05/21 http://www.securityfocus.com/bid/89844 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 31EXPL: 1CVE-2016-4543 – php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input
https://notcve.org/view.php?id=CVE-2016-4543
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. La función exif_process_IFD_in_JPEG en ext/exif/exif.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 no valida tamaños IFD, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) o posiblemente tener otro impacto no especificado a través de datos de cabecera manipulados. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3602 http://www.openwall.com/lists/oss-security/2016/05/05/21 http://www.securityfocus.com/bid/89844 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 1CVE-2016-4544 – php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input
https://notcve.org/view.php?id=CVE-2016-4544
The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data. La función exif_process_TIFF_in_JPEG en ext/exif/exif.c en PHP en versiones anteriores a 5.5.35, 5.6.x en versiones anteriores a 5.6.21 y 7.x en versiones anteriores a 7.0.6 no valida los datos de inicio TIFF, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) o posiblemente tener otro impacto no especificado a través de datos de cabecera manipulados. • http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183736.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html http://php.net/ChangeLog-5.php http://php.net/ChangeLog-7.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3602 http://www.openwall.com/lists/oss-security/2016/05/05/21 http://www.securityfocus.com/bid/89844 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •