-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : php5 Version : 5.3.3.1-7+squeeze29 CVE ID : CVE-2015-2305 CVE-2015-2348
CVE-2015-2305 Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. CVE-2015-2348 The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243. CVE-2016-tmp, Bug #71039 exec functions ignore length but look for NULL termination CVE-2016-tmp, Bug #71089 No check to duplicate zend_extension CVE-2016-tmp, Bug #71201 round() segfault on 64-bit builds CVE-2016-tmp, Bug #71459 Integer overflow in iptcembed() CVE-2016-tmp, Bug #71354 Heap corruption in tar/zip/phar parser CVE-2016-tmp, Bug #71391 NULL Pointer Dereference in phar_tar_setupmetadata() CVE-2016-tmp, Bug #70979 Crash on bad SOAP request -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQJ8BAEBCgBmBQJW1JDjXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHhsAP/01tI8DLJZXu8dDolHB//B1d SHOYxKZO7Y3vidVXyyGQdJ+WBai3Ho/yAPptNZpSb6ml9pQBV0atO9n2AYKOEFTo We3L8aEk1sUUC9PQnrT9z7yXOkAxrh/h09IQL1GtOCzZqSq1TXhqu7M6OvVx+m0T PCLY98kBeiGOkuccA9KkPBBMTkoq/T0MwWpzFB+vXHa5lc3p4BJRvu/7xvNiaSoh V4m2ebLInGk8C4yrRRJBl/vCJ4fUhBzCePhBhx/IkEcH0WmGuPv+Zh00UMOAaXZq 5tBaxW37bckg8MzlTbxuIBz6aoooVFzqfGfQrTr2MpM8U/QUOyu9Ew53HDQR5txb nU6odNJVv5gl1qk/IziTUep5Tysqu5ZuN2B6HvOSBJBUaM0zlt1yU2csx1ZYnKN9 LGUsWkXNEIN/eQ3BraGRD4QxAs8CWy+U+JvElsA1FG3aexeO/OZS+nATWzencqmh 81JuOzgnkqvy5e5Jz6zJwK8ogDQ0dYtBlVzZ4SKGOLgTH2GxJVLryV53dv57pJWo eSk5IpAacYvmyiIIutVtnosifpO0InbKMml79UwjvtSY1wiZj6Z1nXqF+aaxeGpu 4FNiiwVfpocpgncjTy+NKjUSJKOaKYi7A1WHsM1FBn38zvjE0G3qQm0ocQD625Eu /Vs7RK+4B1jxVZDH5of2 =xV7K -----END PGP SIGNATURE-----