oval:org.secpod.oval:def:89045123
This update for gd fixes the following issues: * CVE-2016-9933 possible stackoverflow on malicious truecolor images [bsc#1015187]

oval:org.secpod.oval:def:89045174
This update for gd fixes the following issues: * CVE-2016-9933 possible stackoverflow on malicious truecolor images [bsc#1015187]

oval:org.secpod.oval:def:39117
libgd2: GD Graphics Library The GD library could be made to crash or run programs if it processed a specially crafted image file.

oval:org.secpod.oval:def:89044653
This update for php53 fixes the following issues: * CVE-2014-9912: Stack-based buffer overflow in uloc_getDisplayName [bsc#1012232] * CVE-2016-9933: Possible stack overflow on truecolor images handling [bsc#1015187] * CVE-2016-9934: Dereference from NULL pointer could lead to crash [bsc#1015188] * C ...

oval:org.secpod.oval:def:38791
The host is installed with Apple Mac OS X or Server 10.12.2 and is prone to a stack overflow vulnerability. A flaw is present in the application, which fails to properly handle a crafted imagefilltoborder call that triggers use of a negative color value. Successful exploitation could allow attackers ...

oval:org.secpod.oval:def:1600498
The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service via crafted serialized data. Use-after-free vulnerability in the CURLFile impl ...

oval:org.secpod.oval:def:602697
Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.28, which includes additional bug fixes. Please refer to the upstream changelog for more i ...

oval:org.secpod.oval:def:703490
libgd2: GD Graphics Library The GD library could be made to crash or run programs if it processed a specially crafted image file.

oval:org.secpod.oval:def:51732
libgd2: GD Graphics Library The GD library could be made to crash or run programs if it processed a specially crafted image file.

oval:org.secpod.oval:def:602722
A stack overflow vulnerability was discovered within the gdImageFillToBorder function in libgd2, a library for programmatic graphics creation and manipulation, triggered when invalid colors are used with truecolor images. A remote attacker can take advantage of this flaw to cause a denial-of-service ...

oval:org.secpod.oval:def:38789
The host is missing a security update according to Apple advisory, APPLE-SA-2017-01-23-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ...

oval:org.secpod.oval:def:1600497
A vulnerability was found in gd. Integer underflow in a calculation in dynamicGetbuf was incorrectly handled, leading in some circumstances to an out of bounds write through a very large argument to memcpy. An attacker could create a crafted image that would lead to a crash or, potentially, code exe ...

oval:org.secpod.oval:def:504906
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php70-php . Security Fix: * php: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field * php: Use after free in wddx_dese ...