Red Hat Security Advisory 2018-1296-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php70-php. Issues addressed include buffer overflow, cross site scripting, denial of service, heap overflow, remote file inclusion, and use-after-free vulnerabilities.
7d3b1f62dd47f6ccce2cd1aa1495159b5a0ec53d7009c7657d7a8518e489c754Apple Security Advisory 2017-03-27-3 - macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite are now available and address multiple vulnerabilities.
54a3d5f1eafce35231db5001f3683c3b0fd1ddc198a138e24dfe71082667f5b2buntu Security Notice 3211-2 - USN-3211-1 fixed vulnerabilities in PHP by updating to the new 7.0.15 upstream release. PHP 7.0.15 introduced a regression when using MySQL with large blobs. This update fixes the problem with a backported fix. It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PHP incorrectly handled unserializing certain wddxPacket XML documents. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
395852aeeb90db3e7f13ca41dc38ada3e18b361a3bb7c07acfca5df0267d117cUbuntu Security Notice 3211-1 - It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
ee725f310771fc35d7cc3ac15e95e4674c6a5a8b5ec3ed497c4f369a51d9cb9eGentoo Linux Security Advisory 201702-29 - Multiple vulnerabilities have been found in PHP, the worst of which could lead to arbitrary code execution or cause a Denial of Service condition. Versions less than 5.6.30 are affected.
ec42c36b4767f530d07746cdd108f513497e414b8bdd65fe5815c133f70a9192Ubuntu Security Notice 3196-1 - It was discovered that PHP incorrectly handled certain arguments to the locale_get_display_name function. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to hang, resulting in a denial of service. Various other issues were also addressed.
93a3a63f183948f98ba44574ebc7c6018713099ee6eeda9cb488a74da210e230Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
5054ac2d26cabfc26e61bb9b5a91e4b509c19fce4f38e23de656fbf80a92804eDebian Linux Security Advisory 3783-1 - Several issues have been discovered in PHP, a widely-used open source general-purpose scripting language.
ebbe1c793550190b2bc47c8667a87f2d51ed603b010931f7a0749bc6c465e05e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed