Showing 1 - 3 of 3

CVE-2016-4544

Status Candidate

Overview

The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.

Related Files

Gentoo Linux Security Advisory 201611-22: Posted Dec 1, 2016; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201611-22 - Multiple vulnerabilities have been found in PHP, the worst of which could lead to arbitrary code execution or cause a Denial of Service condition. Versions less than 5.6.28 are affected.; tags | advisory, denial of service, arbitrary, php, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2015-8865, CVE-2016-3074, CVE-2016-4071, CVE-2016-4072, CVE-2016-4073, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544, CVE-2016-5385, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297, CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129; MD5 | f073cc5b80f46496a9c6ec7f001331ad; Download | Favorite | View

Debian Security Advisory 3602-1: Posted Jun 14, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3602-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.; tags | advisory, web, php, vulnerability; systems | linux, debian; advisories | CVE-2013-7456, CVE-2016-3074, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544, CVE-2016-5093, CVE-2016-5094, CVE-2016-5095, CVE-2016-5096; MD5 | b329343ab91d468e907230f7e181aed7; Download | Favorite | View

Ubuntu Security Notice USN-2984-1: Posted May 24, 2016; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2984-1 - It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Hans Jerry Illikainen discovered that the PHP Zip extension incorrectly handled certain malformed Zip archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.; tags | advisory, remote, denial of service, arbitrary, php; systems | linux, ubuntu; advisories | CVE-2015-8865, CVE-2016-3078, CVE-2016-3132, CVE-2016-4070, CVE-2016-4071, CVE-2016-4072, CVE-2016-4073, CVE-2016-4342, CVE-2016-4343, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544; MD5 | 50c1db5a82ce2fc56bc26d8613361ba0; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 82 files
Gentoo 55 files
malvuln 47 files
Ubuntu 30 files
faisalfs10x 12 files
Apple 7 files
LiquidWorm 7 files
Google Security Research 6 files
Ron Jost 5 files
Subhadip Nag 4 files

File Archives

Systems

AIX (422)
Apple (1,811)
BSD (368)
CentOS (53)
Cisco (1,907)
Debian (5,946)
Fedora (1,690)
FreeBSD (1,241)
Gentoo (4,148)
HPUX (874)
iOS (295)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (40,407)
Mac OS X (679)
Mandriva (3,105)
NetBSD (255)
OpenBSD (474)
RedHat (10,290)
Slackware (941)
Solaris (1,600)
SUSE (1,444)
Ubuntu (7,346)
UNIX (8,938)
UnixWare (181)
Windows (6,066)
Other

CVE-2016-4544

Overview

Related Files

File Archive:

August 2021

Top Authors In Last 30 Days

File Tags

File Archives

Systems