Lucene search
F5F5:K59722044HistoryMar 08, 2016 - 12:00 a.m.
K59722044 : PHP vulnerabilities CVE-2016-1903 and CVE-2016-1904
2016-03-0800:00:00
my.f5.com
18
Security Advisory Description
The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a large bgd_color argument to the imagerotate function.
Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) php_escape_shell_cmd or (2) php_escape_shell_arg function, leading to a heap-based buffer overflow.
Impact
There is no impact; F5 products are not affected by this vulnerability.
Related
archlinux
archlinux
php: multiple issues
2016-01-14 00:00:00
nessus
nessus
PHP 7.x < 7.0.2 Multiple Vulnerabilities
2019-01-09 00:00:00
PHP 7.x < 7.0.2 Multiple Vulnerabilities
2016-02-10 00:00:00
PHP 5.5.x < 5.5.31 / 5.6.x < 5.6.17 / 7.0.x < 7.0.2 Multiple Vulnerabilities
2016-01-29 00:00:00
f5
f5
SOL59722044 - PHP vulnerabilities CVE-2016-1903 and CVE-2016-1904
2016-03-07 00:00:00
amazon
amazon
Medium: php56, php55
2016-01-18 11:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2016-640)
2016-01-20 00:00:00
PHP Multiple Integer Overflow Vulnerabilities (Mar 2016) - Windows
2016-03-01 00:00:00
ubuntucve
ubuntucve
CVE-2016-1903
2016-01-19 00:00:00
CVE-2016-1904
2016-01-19 00:00:00
openwrt
openwrt
php: Security update (CVE-2016-1903)
2016-01-28 12:25:14
prosody: Security update (2 CVEs)
2016-01-28 12:25:32
php: Security update (7 CVEs)
2016-01-28 12:23:45
mageia
mageia
Updated php packages fix security vulnerability
2016-01-17 03:26:26
cvelist
cvelist
CVE-2016-1903
2016-01-19 02:00:00
CVE-2016-1904
2016-01-19 02:00:00
debiancve
debiancve
CVE-2016-1903
2016-01-19 05:59:00
CVE-2016-1904
2016-01-19 05:59:00
prion
prion
Integer overflow
2016-01-19 05:59:00
Out-of-bounds
2016-01-19 05:59:00
cve
cve
CVE-2016-1903
2016-01-19 05:59:08
CVE-2016-1904
2016-01-19 05:59:09
nvd
nvd
CVE-2016-1903
2016-01-19 05:59:08
CVE-2016-1904
2016-01-19 05:59:09
slackware
slackware
[slackware-security] php
2016-02-04 00:07:13
kaspersky
kaspersky
KLA10746 Multiple vulnerabilities in PHP
2016-01-19 00:00:00
KLA10747 Obsolete PHP version in XAMPP & WAMP
2016-01-19 00:00:00
ubuntu
ubuntu
PHP regression
2016-04-27 00:00:00
PHP vulnerabilities
2016-04-21 00:00:00
veracode
veracode
Out-Of-Bounds Read
2019-05-02 06:02:24
Arbitrary Code Execution
2019-05-02 06:02:23
Denial Of Service (DoS)
2019-05-02 06:02:21
redhat
redhat
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
oracle
oracle
Oracle Critical Patch Update Advisory - January 2017
2017-01-17 00:00:00