Debian update for php5



Published: 2017-02-09 | Updated: 2018-11-21
Risk High
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2016-10158
CVE-2016-10159
CVE-2016-10160
CVE-2016-10161
CWE-ID CWE-682
CWE-190
CWE-193
CWE-126
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
php (Debian package)
Operating systems & Components / Operating system package or component

Vendor Debian

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Incorrect calculation

EUVDB-ID: #VU12905

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2016-10158

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the exif_convert_any_to_int function in ext/exif/exif.c due to numeric errors. A remote attacker can submit specially crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1 and cause the service to crash.

Mitigation

Update the affected package to version: 5.6.30+dfsg-0+deb8u1.

Vulnerable software versions

php (Debian package): 5.6.0+dfsg-1 - 5.6.29+dfsg-0+deb8u1


CPE2.3 External links

http://www.debian.org/security/2018/dsa-3783

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Integer overflow

EUVDB-ID: #VU12906

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2016-10159

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the phar_parse_pharfile function in ext/phar/phar.c due to integer overflow. A remote attacker can submit a truncated manifest entry in a PHAR archive and cause the service to crash.

Mitigation

Update the affected package to version: 5.6.30+dfsg-0+deb8u1.

Vulnerable software versions

php (Debian package): 5.6.0+dfsg-1 - 5.6.29+dfsg-0+deb8u1


CPE2.3 External links

http://www.debian.org/security/2018/dsa-3783

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Off-by-one error

EUVDB-ID: #VU12907

Risk: High

CVSSv3.1:

CVE-ID: CVE-2016-10160

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.

The weakness exists in the phar_parse_pharfile function in ext/phar/phar.c due to off-by-one error. A remote attacker can submit a specially crafted PHAR archive with an alias mismatch and cause the service to crash or execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update the affected package to version: 5.6.30+dfsg-0+deb8u1.

Vulnerable software versions

php (Debian package): 5.6.0+dfsg-1 - 5.6.29+dfsg-0+deb8u1


CPE2.3 External links

http://www.debian.org/security/2018/dsa-3783

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Buffer over-read

EUVDB-ID: #VU12908

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2016-10161

CWE-ID: CWE-126 - Buffer over-read

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the object_common1 function in ext/standard/var_unserializer.c due to buffer over-read. A remote attacker can submit specially crafted serialized data that is mishandled in a finish_nested_data call and cause the service to crash.

Mitigation

Update the affected package to version: 5.6.30+dfsg-0+deb8u1.

Vulnerable software versions

php (Debian package): 5.6.0+dfsg-1 - 5.6.29+dfsg-0+deb8u1


CPE2.3 External links

http://www.debian.org/security/2018/dsa-3783

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###