SUSE Linux update for php5



Published: 2016-10-07
Risk High
Patch available YES
Number of vulnerabilities 7
CVE-ID CVE-2016-7411
CVE-2016-7412
CVE-2016-7413
CVE-2016-7414
CVE-2016-7416
CVE-2016-7417
CVE-2016-7418
CWE-ID CWE-284
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
PHP-Nuke
Web applications / CMS

PHP
Universal components / Libraries / Scripting languages

Vendor Phpnuke.org
PHP Group

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Arbitrary code execution

EUVDB-ID: #VU529

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-7411

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote or local user to cause arbitrary code execution on the target system.
The weakness is caused by deserialized object destruction that may result in memory corruption error and allows a malicious user to execute arbitrary code.
Successful explotation of the vulnerability may result in arbitrary code execution on the vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

PHP-Nuke: 5.6

External links

http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00017.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Arbitrary code execution

EUVDB-ID: #VU524

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-7412

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote or local user to cause arbitrary code execution on the target system.
The weakness is caused by heap overflow during handling of BIT fields in mysqlnd that allows a malicious user to execute arbitrary code.
Successful explotation of the vulnerability may result in arbitrary code execution on the vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

PHP: 5.6.26 - 7.0.11

External links

http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00017.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Arbitrary code execution

EUVDB-ID: #VU527

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-7413

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote or local user to cause arbitrary code execution on the target system.
The weakness is caused by use-after-free memory error in wddx_deserialize() that allows a malicious user to execute arbitrary code.
Successful explotation of the vulnerability may result in arbitrary code execution on the vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

PHP: 5.6.26 - 7.0.11

External links

http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00017.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Arbitrary code execution

EUVDB-ID: #VU525

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-7414

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote or local user to cause arbitrary code execution on the target system.
The weakness is caused by out-of-bounds memory error in phar_parse_zipfile() that allows a malicious user to execute arbitrary code.
Successful explotation of the vulnerability may result in arbitrary code execution on the vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

PHP: 5.6.26 - 7.0.11

External links

http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00017.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Arbitrary code execution

EUVDB-ID: #VU523

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-7416

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote or local user to cause arbitrary code execution on the target system.
The weakness is caused by memory corruption in local data handling that allows a malicious user to get access to the system and cause arbitrary code execution.
Successful explotation of the vulnerability may result in arbitrary code execution on the vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

PHP: 5.6.26 - 7.0.11

External links

http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00017.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Arbitrary code execution

EUVDB-ID: #VU526

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-7417

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote or local user to cause arbitrary code execution on the target system.
The weakness is caused by unserializing SplArray that leads to memory corruption error and allows a malicious user to execute arbitrary code.
Successful explotation of the vulnerability may result in arbitrary code execution on the vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

PHP: 5.6.26 - 7.0.11

External links

http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00017.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Arbitrary code execution

EUVDB-ID: #VU528

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-7418

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote or local user to cause arbitrary code execution on the target system.
The weakness is caused by out-of-bounds memory read error in php_wddx_push_element() that allows a malicious user to execute arbitrary code.
Successful explotation of the vulnerability may result in arbitrary code execution on the vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

PHP: 5.6.26 - 7.0.11

External links

http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00017.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###