what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice USN-2501-1

Posted Feb 17, 2015

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2501-1 - Stefan Esser discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2015-0231) Brian Carpenter discovered that the PHP CGI component incorrectly handled invalid files. A local attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, local, cgi, php

systems | linux, ubuntu

advisories | CVE-2014-8142, CVE-2014-9427, CVE-2014-9652, CVE-2015-0231, CVE-2015-0232, CVE-2015-1351, CVE-2015-1352

SHA-256 | 87581be317b7551f9d11aa00fc90c8ccbf8b821794084bfafde6b9df107ac894

Download | Favorite | View

Related Files

No related files