Showing 1 - 3 of 3

CVE-2016-4544

Status Candidate

Overview

The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.

Related Files

Gentoo Linux Security Advisory 201611-22: Posted Dec 1, 2016; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201611-22 - Multiple vulnerabilities have been found in PHP, the worst of which could lead to arbitrary code execution or cause a Denial of Service condition. Versions less than 5.6.28 are affected.; tags | advisory, denial of service, arbitrary, php, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2015-8865, CVE-2016-3074, CVE-2016-4071, CVE-2016-4072, CVE-2016-4073, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544, CVE-2016-5385, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297, CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129; MD5 | f073cc5b80f46496a9c6ec7f001331ad; Download | Favorite | Comments (0)

Debian Security Advisory 3602-1: Posted Jun 14, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3602-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.; tags | advisory, web, php, vulnerability; systems | linux, debian; advisories | CVE-2013-7456, CVE-2016-3074, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544, CVE-2016-5093, CVE-2016-5094, CVE-2016-5095, CVE-2016-5096; MD5 | b329343ab91d468e907230f7e181aed7; Download | Favorite | Comments (0)

Ubuntu Security Notice USN-2984-1: Posted May 24, 2016; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2984-1 - It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Hans Jerry Illikainen discovered that the PHP Zip extension incorrectly handled certain malformed Zip archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.; tags | advisory, remote, denial of service, arbitrary, php; systems | linux, ubuntu; advisories | CVE-2015-8865, CVE-2016-3078, CVE-2016-3132, CVE-2016-4070, CVE-2016-4071, CVE-2016-4072, CVE-2016-4073, CVE-2016-4342, CVE-2016-4343, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544; MD5 | 50c1db5a82ce2fc56bc26d8613361ba0; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Ubuntu 54 files
Red Hat 44 files
KingSkrupellos 24 files
Debian 16 files
Google Security Research 13 files
Victor Mondragon 10 files
Alejandra Sanchez 10 files
cp77fk4r 8 files
digitalwhisper 8 files
saelo 7 files

File Archives

Systems

AIX (413)
Apple (1,639)
BSD (347)
Cisco (1,850)
Debian (5,772)
Fedora (1,685)
FreeBSD (1,213)
Gentoo (3,688)
HPUX (868)
iOS (209)
iPhone (105)
IRIX (220)
Juniper (67)
Linux (35,358)
Mac OS X (656)
Mandriva (3,105)
NetBSD (255)
OpenBSD (460)
RedHat (7,285)
Slackware (901)
Solaris (1,580)
SUSE (1,444)
Ubuntu (6,182)
UNIX (8,470)
UnixWare (175)
Windows (5,488)
Other

CVE-2016-4544

Overview

Related Files

File Archive:

June 2019

Top Authors In Last 30 Days

File Tags

File Archives

Systems