| Description: | Summary:
PHP is prone to multiple vulnerabilities.
Vulnerability Insight:
Multiple flaws exist due to
- An integer overflow in the 'php_stream_zip_opener' function in 'ext/zip/zip_stream.c'
- An integer signedness error in the 'simplestring_addn' function in 'simplestring.c' in
xmlrpc-epi
- 'ext/snmp/snmp.c' improperly interacts with the unserialize implementation and garbage
collection
- The 'locale_accept_from_http' function in 'ext/intl/locale/locale_methods.c' does not properly
restrict calls to the ICU 'uloc_acceptLanguageFromHTTP' function
- An error in the 'exif_process_user_comment' function of 'ext/exif/exif.c'
- An error in the 'exif_process_IFD_in_MAKERNOTE' function of 'ext/exif/exif.c'
- 'ext/session/session.c' does not properly maintain a certain hash data structure
- An integer overflow in the 'virtual_file_ex' function of 'TSRM/tsrm_virtual_cwd.c'
- An error in the 'php_url_parse_ex' function of 'ext/standard/url.c'
- Integer overflow error within _gdContributionsAlloc()
- Inadequate error handling in bzread()
Vulnerability Impact:
Successfully exploiting these issues may allow attackers to cause a
denial of service obtain sensitive information from process memory, or possibly have unspecified
other impact.
Affected Software/OS:
PHP versions before 5.5.38, 5.6.x before 5.6.24 and 7.0.x before
7.0.9.
Solution:
Update to version 5.5.38, 5.6.24, 7.0.9 or later.
CVSS Score:
7.5
CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
