Showing 1 - 3 of 3

CVE-2016-4544

Status Candidate

Overview

The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.

Related Files

Gentoo Linux Security Advisory 201611-22: Posted Dec 1, 2016; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201611-22 - Multiple vulnerabilities have been found in PHP, the worst of which could lead to arbitrary code execution or cause a Denial of Service condition. Versions less than 5.6.28 are affected.; tags | advisory, denial of service, arbitrary, php, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2015-8865, CVE-2016-3074, CVE-2016-4071, CVE-2016-4072, CVE-2016-4073, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544, CVE-2016-5385, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297, CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129; SHA-256 | 52e724112af437f442f0e544ef13d31b93ca4b1cc384b4d064b812122fe84921; Download | Favorite | View

Debian Security Advisory 3602-1: Posted Jun 14, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3602-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.; tags | advisory, web, php, vulnerability; systems | linux, debian; advisories | CVE-2013-7456, CVE-2016-3074, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544, CVE-2016-5093, CVE-2016-5094, CVE-2016-5095, CVE-2016-5096; SHA-256 | 69376414ca1d610772cd1608a7ba57acbe421f8906037e8304764a1a92db5b5d; Download | Favorite | View

Ubuntu Security Notice USN-2984-1: Posted May 24, 2016; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2984-1 - It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Hans Jerry Illikainen discovered that the PHP Zip extension incorrectly handled certain malformed Zip archives. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.; tags | advisory, remote, denial of service, arbitrary, php; systems | linux, ubuntu; advisories | CVE-2015-8865, CVE-2016-3078, CVE-2016-3132, CVE-2016-4070, CVE-2016-4071, CVE-2016-4072, CVE-2016-4073, CVE-2016-4342, CVE-2016-4343, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539, CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544; SHA-256 | 264cfc8cd7257e3fdc5b3ecb5d21a1ddea22e0c427eef2997d33a60a1c152159; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 282 files
Jay Turla 150 files
indoushka 149 files
Ubuntu 69 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
Gentoo 31 files
H D Moore 31 files
Debian 30 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,117)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,059)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,725)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,806)
UNIX (9,449)
UnixWare (187)
Windows (6,762)
Other

CVE-2016-4544

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems