Description
Security update for php53
php53 was updated to fix five security issues.
These security issues were fixed:
- CVE-2016-5769: mcrypt: Heap Overflow due to integer overflows (bsc#986388).
- CVE-2015-8935: XSS in header() with Internet Explorer (bsc#986004).
- CVE-2016-5772: Double Free Corruption in wddx_deserialize (bsc#986244).
- CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap overflow (bsc#986386).
- CVE-2016-5767: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow (bsc#986393).
Package list
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
References
- Link for SUSE-SU-2016:2013-1
- E-Mail link for SUSE-SU-2016:2013-1
- SUSE Security Ratings
- SUSE Bug 986004
- SUSE Bug 986244
- SUSE Bug 986386
- SUSE Bug 986388
- SUSE Bug 986393
- SUSE CVE CVE-2015-8935 page
- SUSE CVE CVE-2016-5766 page
- SUSE CVE CVE-2016-5767 page
- SUSE CVE CVE-2016-5769 page
- SUSE CVE CVE-2016-5772 page
Description
The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by leveraging (1) %0A%20 or (2) %0D%0A%20 mishandling in the header function.
Affected products
References
- CVE-2015-8935
- SUSE Bug 986004
Description
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.
Affected products
References
- CVE-2016-5766
- SUSE Bug 986386
Description
Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted image dimensions.
Affected products
References
- CVE-2016-5767
- SUSE Bug 986393
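Both gd entries above (CVE-2016-5766 and CVE-2016-5767) belong to one defect class: a buffer size derived from untrusted image dimensions is computed in fixed-width integer arithmetic, wraps, and the resulting allocation is far smaller than what the decoder later writes into it. The following C program is an added illustration of that class and of the check that prevents it; it is not libgd's or PHP's code, and the header layout, the field order and the 256 MiB policy cap are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <stdio.h>

/* Constructed policy cap for a single pixel buffer (256 MiB). A decoder should
 * reject absurd dimensions even when the arithmetic itself does not overflow. */
#define MAX_IMAGE_BYTES ((size_t)256 * 1024 * 1024)

/* Naive 32-bit size computation: the product silently wraps modulo 2^32, so
 * 65536 x 65536 x 4 evaluates to 0 and a later calloc/malloc gets a tiny size. */
uint32_t naive_pixel_bytes(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Checked computation. Returns the byte count, or 0 when any factor is zero,
 * a multiplication would exceed SIZE_MAX, or the result exceeds the policy cap.
 * 0 is never a valid buffer size here, so it doubles as the failure value. */
size_t checked_pixel_bytes(uint32_t width, uint32_t height, uint32_t bpp)
{
    size_t w = width, h = height, b = bpp, area, total;
    if (w == 0 || h == 0 || b == 0) return 0;
    if (w > SIZE_MAX / h) return 0;          /* w * h would overflow */
    area = w * h;
    if (area > SIZE_MAX / b) return 0;       /* area * b would overflow */
    total = area * b;
    if (total > MAX_IMAGE_BYTES) return 0;   /* arithmetically fine, but unreasonable */
    return total;
}

/* Little-endian uint32 read from an untrusted buffer (no alignment assumptions). */
static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Constructed 12-byte header: width, height, bytes-per-pixel, each LE uint32.
 * Returns the validated pixel-buffer size, or 0 if the header is short or rejected. */
size_t validate_header(const uint8_t *hdr, size_t hdr_len)
{
    if (hdr_len < 12) return 0;
    return checked_pixel_bytes(le32(hdr), le32(hdr + 4), le32(hdr + 8));
}

/* Allocate only after validation, so the buffer is always as large as the
 * dimensions imply. Returns NULL on rejection or allocation failure. */
uint8_t *alloc_from_header(const uint8_t *hdr, size_t hdr_len)
{
    size_t bytes = validate_header(hdr, hdr_len);
    if (bytes == 0) return NULL;
    return calloc(bytes, 1);
}

/* Constructed sample headers. hostile_header encodes 65536 x 65536 x 4, which
 * wraps to 0 in 32-bit arithmetic; benign_header encodes 16 x 16 x 4 = 1024 bytes. */
const uint8_t hostile_header[12] = { 0x00, 0x00, 0x01, 0x00,
                                     0x00, 0x00, 0x01, 0x00,
                                     0x04, 0x00, 0x00, 0x00 };
const uint8_t benign_header[12]  = { 0x10, 0x00, 0x00, 0x00,
                                     0x10, 0x00, 0x00, 0x00,
                                     0x04, 0x00, 0x00, 0x00 };

int main(void)
{
    printf("naive   65536x65536x4 -> %u bytes (wrapped)\n",
           (unsigned)naive_pixel_bytes(65536u, 65536u, 4u));
    printf("checked 65536x65536x4 -> %zu (0 = rejected)\n",
           checked_pixel_bytes(65536u, 65536u, 4u));
    printf("checked 4096x4096x4   -> %zu bytes\n", checked_pixel_bytes(4096u, 4096u, 4u));
    uint8_t *buf = alloc_from_header(benign_header, sizeof benign_header);
    printf("benign header -> %s\n", buf ? "allocated 1024 bytes" : "rejected");
    free(buf);
    printf("hostile header -> %s\n",
           alloc_from_header(hostile_header, sizeof hostile_header) ? "allocated" : "rejected");
    return 0;
}
```

The two checks in checked_pixel_bytes are the ones that matter: dividing SIZE_MAX by the other factor before multiplying turns "would this wrap?" into a comparison that cannot itself overflow, and the policy cap catches dimensions that are arithmetically representable but still far beyond anything the application should serve. Tools such as UBSan or compiler builtins for overflow-checked multiplication can replace the hand-written comparisons, but the ordering (validate, then allocate, then decode) is what keeps the allocation honest.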
Description
Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted length value, related to the (1) mcrypt_generic and (2) mdecrypt_generic functions.
Affected products
References
- CVE-2016-5769
- SUSE Bug 986388
Description
Double free vulnerability in the php_wddx_process_data function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted XML data that is mishandled in a wddx_deserialize call.
Affected products
References
- CVE-2016-5772
- SUSE Bug 986244