[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2015-509 --- php54

ID: oval:org.secpod.oval:def:1200048Date: (C)2015-12-29   (M)2024-02-19
Class: PATCHFamily: unix




A buffer overflow vulnerability was found in PHP"s phar implementation. See https://bugs.php.net/bug.php?id=69324 for more details. A use-after-free flaw was found in PHP"s phar paths implementation. A malicious script author could possibly use this flaw to disclose certain portions of server memory. A buffer over-read flaw was found in the GD library. A specially crafted GIF file could cause an application using the gdImageCreateFromGif function to crash. A NULL pointer dereference flaw was found in PHP"s pgsql extension. A specially crafted table name passed to function as pg_insert or pg_select could cause a PHP application to crash. A buffer overflow flaw was found in the way PHP"s Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened

Platform:
Amazon Linux AMI
Product:
php54
Reference:
ALAS-2015-509
CVE-2015-2783
CVE-2015-3329
CVE-2015-2301
CVE-2015-1352
CVE-2014-9709
CVE    5
CVE-2014-9709
CVE-2015-1352
CVE-2015-3329
CVE-2015-2301
...
CPE    2
cpe:/o:amazon:linux
cpe:/a:php:php54

© SecPod Technologies