HP Security Bulletin HPSBST03671 2 - A security vulnerability in PHP was addressed by the HPE StoreEver MSL6480 Tape Library firmware version 5.10. The vulnerability could be exploited remotely to allow Unauthorized Disclosure of Information or Denial of Service via the Ethernet Management Interface. Please note that the Management Interface cannot access data stored on tape media, so this vulnerability does not allow for remote unauthorized disclosure of data stored on tape media or remote denial of service. Revision 2 of this advisory.
fb67b891b56562e11316c0a51423d76fGentoo Linux Security Advisory 201612-9 - Multiple vulnerabilities have been found in GD, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.2.3 are affected.
eba366b42804a6674922d4f6746456c4Red Hat Security Advisory 2016-2598-02 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: A flaw was found in the way certain error conditions were handled by bzread() function in PHP. An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vulnerable function, could cause the application to crash or execute arbitrary code with the permissions of the user running the PHP application.
c24c3b3604c9b8a4625cf131df6d379bDebian Linux Security Advisory 3619-1 - Several vulnerabilities were discovered in libgd2, a library for programmatic graphics creation and manipulation. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using the libgd2 library (application crash), or potentially to execute arbitrary code with the privileges of the user running the application.
6bd19a8db24a767ff2742463be6d29d7Ubuntu Security Notice 3030-1 - It was discovered that the GD library incorrectly handled memory when using gdImageScaleTwoPass(). A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. It was discovered that the GD library incorrectly handled certain malformed XBM images. If a user or automated system were tricked into processing a specially crafted XBM image, an attacker could cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Various other issues were also addressed.
ef39990c4f9e8c080a3fc1ab49e9460eSlackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
73007a31f0fe7b4fdc204bee51247a98
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed