DSA-3195-1 php5 -- php5ID: oval:org.secpod.oval:def:602007 | Date: (C)2015-03-26 (M)2024-02-19 |
Class: PATCH | Family: unix |
Multiple vulnerabilities have been discovered in the PHP language: CVE-2015-2305 Guido Vranken discovered a heap overflow in the ereg extension . CVE-2014-9705 Buffer overflow in the enchant extension. CVE-2015-0231 Stefan Esser discovered a use-after-free in the unserialisation of objects. CVE-2015-0232 Alex Eubanks discovered incorrect memory management in the exif extension. CVE-2015-0273 Use-after-free in the unserialisation of DateTimeZone.