Download
| Alert*
oval:org.secpod.oval:def:602015
The previous update for php5, DSA-3198-1, introduced a regression causing segmentation faults when using SoapClient::__setSoapHeader. Updated packages are now available to address this regression. For reference, the original advisory text follows. Multiple vulnerabilities have been discovered in the ... oval:org.secpod.oval:def:1200063 A use-after-free flaw was found in the way PHP"s unserialize function processed data. If a remote attacker was able to pass crafted input to PHP"s unserialize function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code. An integer overflow flaw, leading to a heap-bas ... oval:org.secpod.oval:def:601998 Multiple vulnerabilities have been discovered in the PHP language: CVE-2015-2301 Use-after-free in the phar extension. CVE-2015-2331 Emmanuel Law discovered an integer overflow in the processing of ZIP archives, resulting in denial of service or potentially the execution of arbitrary code. oval:org.secpod.oval:def:1200091 A use-after-free flaw was found in the way PHP"s unserialize function processed data. If a remote attacker was able to pass crafted input to PHP"s unserialize function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code. An integer overflow flaw, leading to a heap-bas ... oval:org.secpod.oval:def:108594 libzip is a C library for reading, creating, and modifying zip archives. Files can be added from data buffers, files, or compressed data copied directly from other zip archives. Changes made without closing the archive can be reverted. The API is documented by man pages. oval:org.secpod.oval:def:108751 libzip is a C library for reading, creating, and modifying zip archives. Files can be added from data buffers, files, or compressed data copied directly from other zip archives. Changes made without closing the archive can be reverted. The API is documented by man pages. oval:org.secpod.oval:def:108587 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:108745 libzip is a C library for reading, creating, and modifying zip archives. Files can be added from data buffers, files, or compressed data copied directly from other zip archives. Changes made without closing the archive can be reverted. The API is documented by man pages. oval:org.secpod.oval:def:108585 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:108653 libzip is a C library for reading, creating, and modifying zip archives. Files can be added from data buffers, files, or compressed data copied directly from other zip archives. Changes made without closing the archive can be reverted. The API is documented by man pages. oval:org.secpod.oval:def:30961 The host is missing a security update according to Apple advisory, APPLE-SA-2015-09-30-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code, dis ... oval:org.secpod.oval:def:1200071 A use-after-free flaw was found in the way PHP"s unserialize function processed data. If a remote attacker was able to pass crafted input to PHP"s unserialize function, they could cause the PHP interpreter to crash or, possibly, execute arbitrary code. An integer overflow flaw, leading to a heap-bas ... oval:org.secpod.oval:def:30885 The host is installed with Apple Mac OS X or Server 10.6.8 before 10.11 and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to properly handle a ZIP archive that contains many entries. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:97632 [CLSA-2022:1651177943] Fix of 227 CVE |