SecurityTracker.com
SecurityTracker
Archives
Category:   OS (UNIX)  >   Apple macOS/OS X
Vendors:   Apple
(Apple Issues Fix for Apple macOS/OS X) PHP Multiple Flaws Let Remote and Local Users Obtain Potentially Sensitive Information and Execute Arbitrary Code
SecurityTracker Alert ID:  1036856
SecurityTracker URL:  http://securitytracker.com/id/1036856
CVE Reference:   CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297
Date:  Sep 21 2016
Impact:   Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 10.11.6
Description:   Several vulnerabilities were reported in PHP. A remote or local user can obtain potentially sensitive information on the target system. A remote or local user can execute arbitrary code on the target system. Apple macOS/OS X is affected.

A buffer over-read error may occur in php_url_parse_ex() [CVE-2016-6288]. Version 5.5.x is affected.

An integer overflow may occur in processing a string-typed ZVAL. Version 5.6.x is affected.

A stack overflow may occur in virtual_file_ex() [CVE-2016-6289].

A use-after-free may occur in unserialize() [CVE-2016-6290]. Versions 5.5.x and 5.6.x are affected.

A type confusion error may occur in php_bz2_filter_create(). Version 5.6.x is affected.

An out-of-bounds write may occur due to inadequate error handling in bzread() [CVE-2016-5399].

A null pointer dereference may occur in variant_date_from_timestamp(). Version 7.x is affected.

A heap overflow may occur in curl. Version 7.x is affected.

An out-of-bounds read error may occur in exif_process_IFD_in_MAKERNOTE() [CVE-2016-6291].

A null pointer dereference may occur in exif_process_user_comment() [CVE-2016-6292].

A read/write access error may occur in gdImageAALine(). Version 7.x is affected.

An out-of-bounds access error may occur in imagecropauto(). Version 7.x is affected.

A read/write access error may occur in gdImageTrueColorToPaletteBody().

An out-of-bounds access error may occur in imagegif/output.

An integer overflow may occur in _gdContributionsAlloc().

An out-of-bounds access error may occur in locale_accept_from_http() [CVE-2016-6294].

An out-of-bounds read error may occur in mb_ereg_replace() (mbc_to_code). Version 7.x is affected.

A use-after-free memory error may occur in MBString. Version 7.x is affected.

A cast error and heap overflow may occur in mdecrypt_generic(). Version 7.x is affected.

A heap overflow may occur in proc_open() in the processing of the '$env' parameter in the PCRE component. Version 7.x is affected.

A buffer overflow may occur in ps_files_cleanup_dir(). Version 7.x is affected.

A use-after-free memory error may occur in unserialize(). Version 7.x is affected.

A use-after-free memory error may occur in SNMP [CVE-2016-6295].

A heap overflow may occur in simplestring_addn() in 'simplestring.c' in the XMLRPC component [CVE-2016-6296].

A stack overflow may occur in php_stream_zip_opener() [CVE-2016-6297].

Impact:   A remote or local user can obtain potentially sensitive information on the target system.

A remote or local user can execute arbitrary code on the target system.

The impact depends on the application using PHP on the target system.

Solution:   Apple has issued a fix for CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, and CVE-2016-6297 for Apple macOS/OS X (10.12).

The Apple advisory is available at:

https://support.apple.com/en-us/HT207170

Vendor URL:  support.apple.com/en-us/HT207170
Cause:   Access control error, Boundary error, Exception handling error, Input validation error

Message History:   This archive entry is a follow-up to the message listed below.
Jul 22 2016 PHP Multiple Flaws Let Remote and Local Users Obtain Potentially Sensitive Information and Execute Arbitrary Code

Source Message Contents

[Original Message Not Available for Viewing]

Copyright 2019, SecurityGlobal.net LLC