ALAS-2014-435 ---- php55ID: oval:org.secpod.oval:def:1600015 | Date: (C)2016-01-19 (M)2023-12-07 |
Class: PATCH | Family: unix |
An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize function could cause a PHP application to crash. A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application
Platform: |
Amazon Linux AMI |