ALAS-2016-728 ---- php55 php56ID: oval:org.secpod.oval:def:1600430 | Date: (C)2016-08-09 (M)2024-04-17 |
Class: PATCH | Family: unix |
A stack consumption vulnerability in GD in PHP allows remote attackers to cause a denial of service via a crafted imagefilltoborder call. An integer overflow, leading to a heap-based buffer overflow was found in the imagecreatefromgd2 function of PHP"s gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application, using gd via a specially crafted GD2 image. An integer overflow, leading to a heap-based buffer overflow was found in the gdImagePaletteToTrueColor function of PHP"s gd extension. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application, using gd via a specially crafted image buffer. A double free flaw was found in the mb_ereg_replace_callback function of php which is used to perform regex search. This flaw could possibly cause a PHP application to crash. The mcrypt_generic and mdecrypt_generic functions are prone to integer overflows, resulting in a heap-based overflow. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application. A type confusion issue was found in the SPLFileObject fread function. A remote attacker able to submit a specially crafted input to a PHP application, which uses this function, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application. A use-after-free vulnerability that can occur when calling unserialize on untrusted input was discovered. A remote attacker could use this flaw to crash a PHP application or execute arbitrary code with the privileges of the user running that PHP application if the application unserializes untrusted input. A double free can occur in wddx_deserialize when trying to deserialize malicious XML input from user"s request. This flaw could possibly cause a PHP application to crash
Platform: |
Amazon Linux AMI |