Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
archlinuxArch LinuxASA-201601-10
HistoryJan 14, 2016 - 12:00 a.m.

php: multiple issues

2016-01-1400:00:00
Arch Linux
lists.archlinux.org
21

0.089 Low

EPSS

Percentile

94.6%

JSON
  • CVE-2016-1903 (information disclosure)

An out-of-bounds vulnerability has been discovered in
ext/gd/libgd/gd_interpolation.c in the gdImageRotateInterpolated
function. The background color of an image is passed in as an integer
that represents an index to the color palette. As there is a lack of
validation of that parameter, one can pass in a large number that
exceeds the color palette array. This reads memory beyond the color
palette. Information of the memory leak can then be obtained via the
background color after the image has been rotated.

  • CVE-2016-1904 (arbitrary code execution)

A not further specified integer overflow vulnerability has been
discovered in ext/standard/exec.c (in the php_escape_shell_cmd function
and the php_escape_shell_arg function). This issue results in a heap
buffer overflow that is leading to a denial of service or possibly
arbitrary code execution.

OSVersionArchitecturePackageVersionFilename
anyanyanyphp< 7.0.2-1UNKNOWN

Related

f5 2
nessus 12
amazon 1
openvas 10
prion 2
ubuntucve 2
debiancve 2
nvd 2
cve 2
openwrt 4
mageia 1
cvelist 2
slackware 1
kaspersky 2
ubuntu 2
veracode 57
redhat 1
rosalinux 1
oracle 1
f5
f5
SOL59722044 - PHP vulnerabilities CVE-2016-1903 and CVE-2016-1904
2016-03-07 00:00:00
K59722044 : PHP vulnerabilities CVE-2016-1903 and CVE-2016-1904
2016-03-08 00:00:00
nessus
nessus
PHP 7.x < 7.0.2 Multiple Vulnerabilities
2019-01-09 00:00:00
PHP 7.x < 7.0.2 Multiple Vulnerabilities
2016-02-10 00:00:00
PHP 5.5.x < 5.5.31 / 5.6.x < 5.6.17 / 7.0.x < 7.0.2 Multiple Vulnerabilities
2016-01-29 00:00:00
amazon
amazon
Medium: php56, php55
2016-01-18 11:00:00
openvas
openvas
PHP Out of Bounds Read Memory Corruption Vulnerability - 01 (Mar 2016) - Windows
2016-03-01 00:00:00
PHP Multiple Integer Overflow Vulnerabilities (Mar 2016) - Linux
2016-03-01 00:00:00
Amazon Linux: Security Advisory (ALAS-2016-640)
2016-01-20 00:00:00
prion
prion
Integer overflow
2016-01-19 05:59:00
Out-of-bounds
2016-01-19 05:59:00
ubuntucve
ubuntucve
CVE-2016-1903
2016-01-19 00:00:00
CVE-2016-1904
2016-01-19 00:00:00
debiancve
debiancve
CVE-2016-1903
2016-01-19 05:59:00
CVE-2016-1904
2016-01-19 05:59:00
nvd
nvd
CVE-2016-1903
2016-01-19 05:59:08
CVE-2016-1904
2016-01-19 05:59:09
cve
cve
CVE-2016-1903
2016-01-19 05:59:08
CVE-2016-1904
2016-01-19 05:59:09
openwrt
openwrt
php: Security update (CVE-2016-1903)
2016-01-28 12:25:14
prosody: Security update (2 CVEs)
2016-01-28 12:25:32
php: Security update (7 CVEs)
2016-01-28 12:23:45
mageia
mageia
Updated php packages fix security vulnerability
2016-01-17 03:26:26
cvelist
cvelist
CVE-2016-1903
2016-01-19 02:00:00
CVE-2016-1904
2016-01-19 02:00:00
slackware
slackware
[slackware-security] php
2016-02-04 00:07:13
kaspersky
kaspersky
KLA10747 Obsolete PHP version in XAMPP & WAMP
2016-01-19 00:00:00
KLA10746 Multiple vulnerabilities in PHP
2016-01-19 00:00:00
ubuntu
ubuntu
PHP regression
2016-04-27 00:00:00
PHP vulnerabilities
2016-04-21 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 06:02:26
Null Pointer Dereference
2019-05-02 06:02:24
Insecure Pseudo Random Number Generator
2019-05-02 06:02:16
redhat
redhat
(RHSA-2016:2750) Moderate: rh-php56 security, bug fix, and enhancement update
2016-11-15 11:13:31
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
oracle
oracle
Oracle Critical Patch Update Advisory - January 2017
2017-01-17 00:00:00

0.089 Low

EPSS

Percentile

94.6%

JSON
Related for ASA-201601-10
f52nessus12amazon1openvas10prion2ubuntucve2debiancve2nvd2cve2openwrt4mageia1cvelist2slackware1kaspersky2ubuntu2veracode57redhat1rosalinux1oracle1