
Test ID: 1.3.6.1.4.1.25623.1.1.10.2015.0040
Category: Mageia Linux Local Security Checks
Title: Mageia: Security Advisory (MGASA-2015-0040)
Summary: The remote host is missing an update for the 'libgd, php, php-apc' package(s) announced via the MGASA-2015-0040 advisory.
Description:

Vulnerability Insight:
Updated php and libgd packages fix security vulnerabilities:

Double free vulnerability in the zend_ts_hash_graceful_destroy function in
zend_ts_hash.c in the Zend Engine in PHP before 5.5.21 allows remote
attackers to cause a denial of service or possibly have unspecified other
impact via unknown vectors (CVE-2014-9425).

sapi/cgi/cgi_main.c in the CGI component in PHP before 5.5.21, when mmap is
used to read a .php file, does not properly consider the mapping's length
during processing of an invalid file that begins with a # character and lacks
a newline character, which causes an out-of-bounds read and might allow remote
attackers to obtain sensitive information from php-cgi process memory by
leveraging the ability to upload a .php file or trigger unexpected code
execution if a valid PHP script is present in memory locations adjacent to the
mapping (CVE-2014-9427).

Use after free vulnerability in unserialize() in PHP before 5.5.21
(CVE-2015-0231).

Free called on an uninitialized pointer in php-exif in PHP before 5.5.21
(CVE-2015-0232).

The readelf.c source file has been removed from PHP's bundled copy of file's
libmagic, eliminating exposure to denial of service issues in ELF file parsing
such as CVE-2014-8116, CVE-2014-8117, CVE-2014-9620 and CVE-2014-9621 in PHP's
fileinfo module.

A buffer read overflow in gd_gif_in.c (php#68601, referenced in the PHP
5.5.21 ChangeLog) has been fixed in the libgd package.

The php package has been updated to version 5.5.21 to fix these issues and
other bugs. Please see the upstream ChangeLog for more information.

Affected Software/OS:
'libgd, php, php-apc' package(s) on Mageia 4.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-references:
Common Vulnerability Exposure (CVE) ID: CVE-2014-8116
BugTraq ID: 71700
http://www.securityfocus.com/bid/71700
FreeBSD Security Advisory: FreeBSD-SA-14:28
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
http://seclists.org/oss-sec/2014/q4/1056
RedHat Security Advisories: RHSA-2016:0760
http://rhn.redhat.com/errata/RHSA-2016-0760.html
http://www.securitytracker.com/id/1031344
http://secunia.com/advisories/61944
http://secunia.com/advisories/62081
http://www.ubuntu.com/usn/USN-2494-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-8117
BugTraq ID: 71692
http://www.securityfocus.com/bid/71692
http://www.ubuntu.com/usn/USN-2535-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-9425
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
BugTraq ID: 71800
http://www.securityfocus.com/bid/71800
https://security.gentoo.org/glsa/201503-03
http://openwall.com/lists/oss-security/2014/12/29/6
RedHat Security Advisories: RHSA-2015:1218
http://rhn.redhat.com/errata/RHSA-2015-1218.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-9427
BugTraq ID: 71833
http://www.securityfocus.com/bid/71833
HPdes Security Advisory: HPSBMU03380
http://marc.info/?l=bugtraq&m=143748090628601&w=2
HPdes Security Advisory: HPSBMU03409
http://marc.info/?l=bugtraq&m=144050155601375&w=2
http://www.mandriva.com/security/advisories?name=MDVSA-2015:032
http://openwall.com/lists/oss-security/2014/12/31/6
http://openwall.com/lists/oss-security/2015/01/01/1
http://openwall.com/lists/oss-security/2015/01/03/4
RedHat Security Advisories: RHSA-2015:1053
http://rhn.redhat.com/errata/RHSA-2015-1053.html
RedHat Security Advisories: RHSA-2015:1066
http://rhn.redhat.com/errata/RHSA-2015-1066.html
SuSE Security Announcement: SUSE-SU-2015:0365
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00029.html
SuSE Security Announcement: openSUSE-SU-2015:0325
http://lists.opensuse.org/opensuse-updates/2015-02/msg00079.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-9620
BugTraq ID: 71715
http://www.securityfocus.com/bid/71715
Debian Security Information: DSA-3121
http://www.debian.org/security/2015/dsa-3121
https://security.gentoo.org/glsa/201503-08
http://mx.gw.com/pipermail/file/2014/001653.html
http://mx.gw.com/pipermail/file/2015/001660.html
http://www.openwall.com/lists/oss-security/2015/01/17/9
https://usn.ubuntu.com/3686-1/
Common Vulnerability Exposure (CVE) ID: CVE-2014-9621
http://mx.gw.com/pipermail/file/2014/001654.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-0231
BugTraq ID: 72539
http://www.securityfocus.com/bid/72539
Debian Security Information: DSA-3195
http://www.debian.org/security/2015/dsa-3195
https://security.gentoo.org/glsa/201606-10
HPdes Security Advisory: HPSBUX03337
http://marc.info/?l=bugtraq&m=143403519711434&w=2
HPdes Security Advisory: SSRT102066
http://www.mandriva.com/security/advisories?name=MDVSA-2015:079
RedHat Security Advisories: RHSA-2015:1135
http://rhn.redhat.com/errata/RHSA-2015-1135.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-0232
BugTraq ID: 72541
http://www.securityfocus.com/bid/72541
Copyright: Copyright (C) 2022 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.