- Home
- CVEs with nessus.description==A stack consumption vulnerability in GD in PHP allows remote attackers
to cause a denial of service via a crafted imagefilltoborder call.
(CVE-2015-8874)
An integer overflow, leading to a heap-based buffer overflow was found
in the imagecreatefromgd2() function of PHP's gd extension. A remote
attacker could use this flaw to crash a PHP application or execute
arbitrary code with the privileges of the user running that PHP
application, using gd via a specially crafted GD2 image.
(CVE-2016-5766)
An integer overflow, leading to a heap-based buffer overflow was found
in the gdImagePaletteToTrueColor() function of PHP's gd extension. A
remote attacker could use this flaw to crash a PHP application or
execute arbitrary code with the privileges of the user running that
PHP application, using gd via a specially crafted image buffer.
(CVE-2016-5767)
A double free flaw was found in the mb_ereg_replace_callback()
function of php which is used to perform regex search. This flaw could
possibly cause a PHP application to crash. (CVE-2016-5768)
The mcrypt_generic() and mdecrypt_generic() functions are prone to
integer overflows, resulting in a heap-based overflow. A remote
attacker could use this flaw to crash a PHP application or execute
arbitrary code with the privileges of the user running that PHP
application. (CVE-2016-5769)
A type confusion issue was found in the SPLFileObject fread()
function. A remote attacker able to submit a specially crafted input
to a PHP application, which uses this function, could use this flaw to
execute arbitrary code with the privileges of the user running that
PHP application. (CVE-2016-5770)
A use-after-free vulnerability that can occur when calling
unserialize() on untrusted input was discovered. A remote attacker
could use this flaw to crash a PHP application or execute arbitrary
code with the privileges of the user running that PHP application if
the application unserializes untrusted input. (CVE-2016-5771 ,
CVE-2016-5773)
A double free can occur in wddx_deserialize() when trying to
deserialize malicious XML input from user's request. This flaw could
possibly cause a PHP application to crash. (CVE-2016-5772)
It was discovered that PHP did not properly protect against the
HTTP_PROXY variable name clash. A remote attacker could possibly use
this flaw to redirect HTTP requests performed by a PHP script to an
attacker-controlled proxy via a malicious HTTP request.
(CVE-2016-5385)
(Updated on 2016-08-17: CVE-2016-5385 was fixed in this release but
was not previously part of this errata)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top