Gentoo Linux Security Advisory 201606-10 - Multiple vulnerabilities have been found in PHP, the worst of which could lead to arbitrary code execution, or cause a Denial of Service condition. Versions less than 5.6.19 are affected.
11f795a7de85515d82acb7e31ed076476df493af2eac39961d98ae5a569b9c65Red Hat Security Advisory 2015-1187-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time.
b34c749711ea3b7e7d1f8a9142f1a2421a5974fbdf7e052124d26207fc456487Red Hat Security Advisory 2015-1186-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time.
0b7187415bdc0d78cd103b4bbf0cb103aecd6b3554e4079ac4b6be16514b3447Red Hat Security Advisory 2015-1135-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time.
cd29d265756a82b81294b5b57ef3c66093befd38401aca38c86228d6f38a5a66Mandriva Linux Security Advisory 2015-209 - Update PHP packages address buffer over-read and overflow vulnerabilities. PHP has been updated to version 5.5.24, which fixes these issues and other bugs. Additionally the timezonedb packages has been upgraded to the latest version and the PECL packages which requires so has been rebuilt for php-5.5.24.
7240fd4534def87429d91c637b7729d5691e7f8862de87105b7fb9fae468642eSlackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
99ad1abcd26dab08695811257c2998e0a30dd4949338dc99aae75015340fafe9Ubuntu Security Notice 2572-1 - It was discovered that PHP incorrectly handled cleanup when used with Apache 2.4. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PHP incorrectly handled opening tar, zip or phar archives through the PHAR extension. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
244c6d018bed72ec3bf51a251a141d8c6742d2dddff7af1f4fe2c11621debdd0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed