- Home
- CVEs with nessus.description==PHP was updated to fix ten security issues.
The following vulnerabilities were fixed :
- CVE-2014-9709: A specially crafted GIF file could cause a buffer read overflow in php-gd (bnc#923946)
- CVE-2015-2301: Memory was use after it was freed in PHAR (bnc#922022)
- CVE-2015-2305: heap overflow vulnerability in regcomp.c (bnc#922452)
- CVE-2014-9705: heap buffer overflow in Enchant (bnc#922451)
- CVE-2015-2787: use-after-free vulnerability in the process_nested_data function (bnc#924972)
- unserialize SoapClient type confusion (bnc#925109)
- CVE-2015-2348: move_uploaded_file truncates a pathNAME upon encountering a x00 character (bnc#924970)
- CVE-2015-3330: Specially crafted PHAR files could, when executed under Apache httpd 2.4 (apache2handler), allow arbitrary code execution (bnc#928506)
- CVE-2015-3329: Specially crafted PHAR data could lead to disclosure of sensitive information due to a buffer overflow (bnc#928506)
- CVE-2015-2783: Specially crafted PHAR data could lead to disclosure of sensitive information due to a buffer over-read (bnc#928511)
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top