SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   PHP Vendors:   PHP Group
PHP Multiple Flaws Let Remote and Local Users Obtain Potentially Sensitive Information, Deny Service, and Execute Arbitrary Code
SecurityTracker Alert ID:  1036680
SecurityTracker URL:  http://securitytracker.com/id/1036680
CVE Reference:   CVE-2016-7124, CVE-2016-7125, CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130, CVE-2016-7131, CVE-2016-7132, CVE-2016-7134   (Links to External Site)
Updated:  Sep 12 2016
Original Entry Date:  Aug 20 2016
Impact:   Denial of service via local system, Denial of service via network, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via local system, Execution of arbitrary code via network, Root access via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 5.6.25, 7.0.10
Description:   Several vulnerabilities were reported in PHP. A remote or local user can cause denial of service conditions on the target system. A remote or local user can execute arbitrary code on the target system. A remote or local user can obtain potentially sensitive information on the target system.

The specific impact depends on the application using PHP.

An integer overflow may occur in the Bz2 component.

A use-after-free memory error may occur in the Core component in unserialize() [CVE-2016-7124]. Version 5.x is affected.

A memory leak may occur in the Core component in microtime(). Version 7.x is affected.

A session data injection flaw may occur in the Core component [CVE-2016-7125].

A buffer overflow may occur in the Calendar component in zif_cal_from_jd().

An integer overflow may occur in the Curl component in curl_escape() [CVE-2016-7134].

An integer overflow may occur in the Ereg component in sql_regcase(). Version 5.x is affected.

A memory leak may occur in the EXIF component in exif_process_IFD_in_TIFF() [CVE-2016-7128].

A memory write error may occur in the GD component in imagegammacorrect() [CVE-2016-7127] and in imagetruecolortopalette() [CVE-2016-7126]. Version 7.x is affected.

A buffer overflow may occur in the mbstring component.

An integer overflow may occur in the Mcrypt component. Version 7.x is affected.

An integer overflow may occur in the SNMP component in php_snmp_parse_oid().

An integer overflow may occur in the Standard component in base64_decode(). Version 5.x is affected.

An integer overflow may occur in the Standard component in quoted_printable_encode(). Version 5.x is affected.

An integer overflow may occur in the Standard component in urlencode(). Version 5.x is affected.

An integer overflow may occur in the Standard component in php_uuencode(). Version 5.x is affected.

A protocol downgrade flaw may occur in the Streams component in the 'ftps://' wrapper.

A packet injection flaw may occur in the Wddx component in wddx_serialize_value().

A memory access error may occur in the Wddx component in wddx_deserialize().

A null pointer dereference may occur in the Wddx component.

A null pointer dereference may occur in the Wddx component with invalid xml [CVE-2016-7131, CVE-2016-7132].

A null pointer dereference may occur in the Wddx component in php_wddx_pop_element() [CVE-2016-7130] and php_wddx_process_data() [CVE-2016-7129].

A null pointer dereference may occur in the Zip component in zend_virtual_cwd() [CVE-2016-7133]. Version 7.x is affected.

Impact:   A remote or local user can cause denial of service conditions.

A remote or local user can execute arbitrary code on the target system.

A remote or local user can obtain potentially sensitive information on the target system.

Solution:   The vendor has issued a fix (5.6.25, 7.0.10).

The vendor advisories are available at:

http://www.php.net/ChangeLog-5.php#5.6.25
http://www.php.net/ChangeLog-7.php#7.0.10

Vendor URL:  www.php.net/ChangeLog-5.php#5.6.25 (Links to External Site)
Cause:   Access control error, Boundary error, Exception handling error, Input validation error, State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Oct 5 2016 (Ubuntu Issues Fix) PHP Multiple Flaws Let Remote and Local Users Obtain Potentially Sensitive Information, Deny Service, and Execute Arbitrary Code
Ubuntu has issued a fix for Ubuntu Linux 12.04 LTS, 14.04 LTS, and 16.04 LTS.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC