Download
| Alert*
|
oval:org.secpod.oval:def:39599
The host is installed with Apple Mac OS X or Server 10.12.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted EXIF data. Successful exploitation could allow attackers to divide the minimum representable negative integer by ... oval:org.secpod.oval:def:76713 The exif_convert_any_to_int function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (application crash) via crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1 ... oval:org.secpod.oval:def:39033 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:51730 php7.0: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:1600519 Integer overflow in gd_io.c in the GD Graphics Library before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. In all versions of PHP 7, during the unserialization process, resizing the "properties"; hash table ... oval:org.secpod.oval:def:39728 Integer overflow in gd_io.c in the GD Graphics Library before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.The object_common1 function in ext/standard/var_unserializer.c in PHP before 5.6.30, 7.0.x before 7.0 ... oval:org.secpod.oval:def:602769 Several issues have been discovered in PHP, a widely-used open source general-purpose scripting language. CVE-2016-10158 Loading a TIFF or JPEG malicious file can lead to a Denial-of-Service attack when the EXIF header is being parsed. CVE-2016-10159 Loading a malicious phar archive can cause an ext ... oval:org.secpod.oval:def:703466 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:703488 php7.0: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:89044520 This update for php53 fixes the following security issues: - CVE-2016-7478: When unserializing untrusted input data, PHP could end up in an infinite loop, causing denial of service - CVE-2016-10158: The exif_convert_any_to_int function in ext/exif/exif.c in PHP allowed remote attackers to cause a d ... oval:org.secpod.oval:def:52834 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:504906 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php70-php . Security Fix: * php: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field * php: Use after free in wddx_dese ... oval:org.secpod.oval:def:39718 The host is missing a security update according to Apple advisory, APPLE-SA-2017-03-27-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... |
