HP Security Bulletin HPSBST03671 2 - A security vulnerability in PHP was addressed by the HPE StoreEver MSL6480 Tape Library firmware version 5.10. The vulnerability could be exploited remotely to allow Unauthorized Disclosure of Information or Denial of Service via the Ethernet Management Interface. Please note that the Management Interface cannot access data stored on tape media, so this vulnerability does not allow for remote unauthorized disclosure of data stored on tape media or remote denial of service. Revision 2 of this advisory.
74f9f0b80ca8d59cd41c5d09975ba20cb91f186b15a715a72840744163cf4c42Red Hat Security Advisory 2016-2598-02 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix: A flaw was found in the way certain error conditions were handled by bzread() function in PHP. An attacker could use this flaw to upload a specially crafted bz2 archive which, when parsed via the vulnerable function, could cause the application to crash or execute arbitrary code with the permissions of the user running the PHP application.
0ac1d44bc1b4ff934ac63b7a99f65417137a7c3af28173760451af2b834039d0Ubuntu Security Notice 3045-1 - It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.
47fc0ea179e44d1fcb53b84c0bfce2c297ab17348494c2a4bfed673be21e1948Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
20b6bfa73054d012cdaf01c59877c6e8e69753ff9a59afe3f8573733bbc90549
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed