Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в PHP
дополнено с 11 февраля 2015 г.
Опубликовано:22 февраля 2015 г.
Источник:
SecurityVulns ID:14261
Тип:библиотека
Уровень опасности:
6/10
Описание:DoS в exif_process_unicode(), выполнение кода в var_unserializer.re, раскрытие информации.
Затронутые продукты:PHP : PHP 5.6
CVE:CVE-2015-1352 (The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate token extraction for table names, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name.)
 CVE-2015-1351 (Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.)
 CVE-2015-0232 (The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image.)
 CVE-2015-0231 (Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142.)
 CVE-2014-9427 (sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a # character and lacks a newline character, which causes an out-of-bounds read and might (1) allow remote attackers to obtain sensitive information from php-cgi process memory by leveraging the ability to upload a .php file or (2) trigger unexpected code execution if a valid PHP script is present in memory locations adjacent to the mapping.)
Оригинальный текстdocumentUBUNTU, [USN-2501-1] PHP vulnerabilities (22.02.2015)
 documentMANDRIVA, [ MDVSA-2015:032 ] php (11.02.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород