- Home
- CVEs with nessus.description==PHP was updated to fix ten security issues.
The following vulnerabilities were fixed :
- CVE-2014-9709: A specially crafted GIF file could cause
a buffer read overflow in php-gd (bnc#923946)
- CVE-2015-2301: Memory was use after it was freed in PHAR
(bnc#922022)
- CVE-2015-2305: heap overflow vulnerability in regcomp.c
(bnc#922452)
- CVE-2014-9705: heap buffer overflow in Enchant
(bnc#922451)
- CVE-2015-2787: use-after-free vulnerability in the
process_nested_data function (bnc#924972)
- unserialize SoapClient type confusion (bnc#925109)
- CVE-2015-2348: move_uploaded_file truncates a pathNAME
upon encountering a x00 character (bnc#924970)
- CVE-2015-3330: Specially crafted PHAR files could, when
executed under Apache httpd 2.4 (apache2handler), allow
arbitrary code execution (bnc#928506)
- CVE-2015-3329: Specially crafted PHAR data could lead to
disclosure of sensitive information due to a buffer
overflow (bnc#928506)
- CVE-2015-2783: Specially crafted PHAR data could lead to
disclosure of sensitive information due to a buffer
over-read (bnc#928511)
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top