Amazon Linux AMI update for php70



Published: 2017-03-29
Risk High
Patch available YES
Number of vulnerabilities 9
CVE-ID CVE-2016-10168
CVE-2016-7479
CVE-2016-10161
CVE-2016-10160
CVE-2016-10162
CVE-2016-10158
CVE-2016-10159
CVE-2016-10167
CVE-2017-5340
CWE-ID CWE-190
CWE-416
CWE-126
CWE-193
CWE-476
CWE-682
CWE-20
Exploitation vector Network
Public exploit Public exploit code for vulnerability #2 is available.
Vulnerable software
Subscribe
Amazon Linux AMI
Operating systems & Components / Operating system

Vendor Amazon Web Services

Security Bulletin

This security bulletin contains information about 9 vulnerabilities.

1) Integer overflow

EUVDB-ID: #VU7576

Risk: High

CVSSv3.1:

CVE-ID: CVE-2016-10168

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack and potentially compromise vulnerable system.

The vulnerability exists due to integer overflow when processing the number of horizontal and vertical chunks in an image in gd_io.c. A remote attacker create a specially crafted image file, trigger memory corruption and crash the affected application or execute arbitrary code on the target system.

Mitigation

Update the affected packages.

i686:
    php70-common-7.0.16-1.21.amzn1.i686
    php70-7.0.16-1.21.amzn1.i686
    php70-bcmath-7.0.16-1.21.amzn1.i686
    php70-zip-7.0.16-1.21.amzn1.i686
    php70-xml-7.0.16-1.21.amzn1.i686
    php70-gmp-7.0.16-1.21.amzn1.i686
    php70-ldap-7.0.16-1.21.amzn1.i686
    php70-pdo-dblib-7.0.16-1.21.amzn1.i686
    php70-gd-7.0.16-1.21.amzn1.i686
    php70-mysqlnd-7.0.16-1.21.amzn1.i686
    php70-embedded-7.0.16-1.21.amzn1.i686
    php70-opcache-7.0.16-1.21.amzn1.i686
    php70-tidy-7.0.16-1.21.amzn1.i686
    php70-intl-7.0.16-1.21.amzn1.i686
    php70-process-7.0.16-1.21.amzn1.i686
    php70-soap-7.0.16-1.21.amzn1.i686
    php70-imap-7.0.16-1.21.amzn1.i686
    php70-pdo-7.0.16-1.21.amzn1.i686
    php70-mcrypt-7.0.16-1.21.amzn1.i686
    php70-mbstring-7.0.16-1.21.amzn1.i686
    php70-fpm-7.0.16-1.21.amzn1.i686
    php70-dba-7.0.16-1.21.amzn1.i686
    php70-cli-7.0.16-1.21.amzn1.i686
    php70-pspell-7.0.16-1.21.amzn1.i686
    php70-dbg-7.0.16-1.21.amzn1.i686
    php70-pgsql-7.0.16-1.21.amzn1.i686
    php70-recode-7.0.16-1.21.amzn1.i686
    php70-xmlrpc-7.0.16-1.21.amzn1.i686
    php70-debuginfo-7.0.16-1.21.amzn1.i686
    php70-enchant-7.0.16-1.21.amzn1.i686
    php70-devel-7.0.16-1.21.amzn1.i686
    php70-json-7.0.16-1.21.amzn1.i686
    php70-snmp-7.0.16-1.21.amzn1.i686
    php70-odbc-7.0.16-1.21.amzn1.i686

src:
    php70-7.0.16-1.21.amzn1.src

x86_64:
    php70-process-7.0.16-1.21.amzn1.x86_64
    php70-opcache-7.0.16-1.21.amzn1.x86_64
    php70-xml-7.0.16-1.21.amzn1.x86_64
    php70-xmlrpc-7.0.16-1.21.amzn1.x86_64
    php70-cli-7.0.16-1.21.amzn1.x86_64
    php70-intl-7.0.16-1.21.amzn1.x86_64
    php70-tidy-7.0.16-1.21.amzn1.x86_64
    php70-common-7.0.16-1.21.amzn1.x86_64
    php70-bcmath-7.0.16-1.21.amzn1.x86_64
    php70-zip-7.0.16-1.21.amzn1.x86_64
    php70-gd-7.0.16-1.21.amzn1.x86_64
    php70-pspell-7.0.16-1.21.amzn1.x86_64
    php70-ldap-7.0.16-1.21.amzn1.x86_64
    php70-pdo-7.0.16-1.21.amzn1.x86_64
    php70-snmp-7.0.16-1.21.amzn1.x86_64
    php70-mbstring-7.0.16-1.21.amzn1.x86_64
    php70-soap-7.0.16-1.21.amzn1.x86_64
    php70-mcrypt-7.0.16-1.21.amzn1.x86_64
    php70-recode-7.0.16-1.21.amzn1.x86_64
    php70-json-7.0.16-1.21.amzn1.x86_64
    php70-dbg-7.0.16-1.21.amzn1.x86_64
    php70-odbc-7.0.16-1.21.amzn1.x86_64
    php70-gmp-7.0.16-1.21.amzn1.x86_64
    php70-7.0.16-1.21.amzn1.x86_64
    php70-fpm-7.0.16-1.21.amzn1.x86_64
    php70-dba-7.0.16-1.21.amzn1.x86_64
    php70-pgsql-7.0.16-1.21.amzn1.x86_64
    php70-mysqlnd-7.0.16-1.21.amzn1.x86_64
    php70-pdo-dblib-7.0.16-1.21.amzn1.x86_64
    php70-debuginfo-7.0.16-1.21.amzn1.x86_64
    php70-imap-7.0.16-1.21.amzn1.x86_64
    php70-devel-7.0.16-1.21.amzn1.x86_64
    php70-enchant-7.0.16-1.21.amzn1.x86_64
    php70-embedded-7.0.16-1.21.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2017-812.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Use-after-free error

EUVDB-ID: #VU12900

Risk: High

CVSSv3.1:

CVE-ID: CVE-2016-7479

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to resizing the 'properties' hash table of a serialized object during the unserialization process. A remote attacker can trigger use-after-free error and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update the affected packages.

i686:
    php70-common-7.0.16-1.21.amzn1.i686
    php70-7.0.16-1.21.amzn1.i686
    php70-bcmath-7.0.16-1.21.amzn1.i686
    php70-zip-7.0.16-1.21.amzn1.i686
    php70-xml-7.0.16-1.21.amzn1.i686
    php70-gmp-7.0.16-1.21.amzn1.i686
    php70-ldap-7.0.16-1.21.amzn1.i686
    php70-pdo-dblib-7.0.16-1.21.amzn1.i686
    php70-gd-7.0.16-1.21.amzn1.i686
    php70-mysqlnd-7.0.16-1.21.amzn1.i686
    php70-embedded-7.0.16-1.21.amzn1.i686
    php70-opcache-7.0.16-1.21.amzn1.i686
    php70-tidy-7.0.16-1.21.amzn1.i686
    php70-intl-7.0.16-1.21.amzn1.i686
    php70-process-7.0.16-1.21.amzn1.i686
    php70-soap-7.0.16-1.21.amzn1.i686
    php70-imap-7.0.16-1.21.amzn1.i686
    php70-pdo-7.0.16-1.21.amzn1.i686
    php70-mcrypt-7.0.16-1.21.amzn1.i686
    php70-mbstring-7.0.16-1.21.amzn1.i686
    php70-fpm-7.0.16-1.21.amzn1.i686
    php70-dba-7.0.16-1.21.amzn1.i686
    php70-cli-7.0.16-1.21.amzn1.i686
    php70-pspell-7.0.16-1.21.amzn1.i686
    php70-dbg-7.0.16-1.21.amzn1.i686
    php70-pgsql-7.0.16-1.21.amzn1.i686
    php70-recode-7.0.16-1.21.amzn1.i686
    php70-xmlrpc-7.0.16-1.21.amzn1.i686
    php70-debuginfo-7.0.16-1.21.amzn1.i686
    php70-enchant-7.0.16-1.21.amzn1.i686
    php70-devel-7.0.16-1.21.amzn1.i686
    php70-json-7.0.16-1.21.amzn1.i686
    php70-snmp-7.0.16-1.21.amzn1.i686
    php70-odbc-7.0.16-1.21.amzn1.i686

src:
    php70-7.0.16-1.21.amzn1.src

x86_64:
    php70-process-7.0.16-1.21.amzn1.x86_64
    php70-opcache-7.0.16-1.21.amzn1.x86_64
    php70-xml-7.0.16-1.21.amzn1.x86_64
    php70-xmlrpc-7.0.16-1.21.amzn1.x86_64
    php70-cli-7.0.16-1.21.amzn1.x86_64
    php70-intl-7.0.16-1.21.amzn1.x86_64
    php70-tidy-7.0.16-1.21.amzn1.x86_64
    php70-common-7.0.16-1.21.amzn1.x86_64
    php70-bcmath-7.0.16-1.21.amzn1.x86_64
    php70-zip-7.0.16-1.21.amzn1.x86_64
    php70-gd-7.0.16-1.21.amzn1.x86_64
    php70-pspell-7.0.16-1.21.amzn1.x86_64
    php70-ldap-7.0.16-1.21.amzn1.x86_64
    php70-pdo-7.0.16-1.21.amzn1.x86_64
    php70-snmp-7.0.16-1.21.amzn1.x86_64
    php70-mbstring-7.0.16-1.21.amzn1.x86_64
    php70-soap-7.0.16-1.21.amzn1.x86_64
    php70-mcrypt-7.0.16-1.21.amzn1.x86_64
    php70-recode-7.0.16-1.21.amzn1.x86_64
    php70-json-7.0.16-1.21.amzn1.x86_64
    php70-dbg-7.0.16-1.21.amzn1.x86_64
    php70-odbc-7.0.16-1.21.amzn1.x86_64
    php70-gmp-7.0.16-1.21.amzn1.x86_64
    php70-7.0.16-1.21.amzn1.x86_64
    php70-fpm-7.0.16-1.21.amzn1.x86_64
    php70-dba-7.0.16-1.21.amzn1.x86_64
    php70-pgsql-7.0.16-1.21.amzn1.x86_64
    php70-mysqlnd-7.0.16-1.21.amzn1.x86_64
    php70-pdo-dblib-7.0.16-1.21.amzn1.x86_64
    php70-debuginfo-7.0.16-1.21.amzn1.x86_64
    php70-imap-7.0.16-1.21.amzn1.x86_64
    php70-devel-7.0.16-1.21.amzn1.x86_64
    php70-enchant-7.0.16-1.21.amzn1.x86_64
    php70-embedded-7.0.16-1.21.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2017-812.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Buffer over-read

EUVDB-ID: #VU12908

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2016-10161

CWE-ID: CWE-126 - Buffer over-read

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the object_common1 function in ext/standard/var_unserializer.c due to buffer over-read. A remote attacker can submit specially crafted serialized data that is mishandled in a finish_nested_data call and cause the service to crash.

Mitigation

Update the affected packages.

i686:
    php70-common-7.0.16-1.21.amzn1.i686
    php70-7.0.16-1.21.amzn1.i686
    php70-bcmath-7.0.16-1.21.amzn1.i686
    php70-zip-7.0.16-1.21.amzn1.i686
    php70-xml-7.0.16-1.21.amzn1.i686
    php70-gmp-7.0.16-1.21.amzn1.i686
    php70-ldap-7.0.16-1.21.amzn1.i686
    php70-pdo-dblib-7.0.16-1.21.amzn1.i686
    php70-gd-7.0.16-1.21.amzn1.i686
    php70-mysqlnd-7.0.16-1.21.amzn1.i686
    php70-embedded-7.0.16-1.21.amzn1.i686
    php70-opcache-7.0.16-1.21.amzn1.i686
    php70-tidy-7.0.16-1.21.amzn1.i686
    php70-intl-7.0.16-1.21.amzn1.i686
    php70-process-7.0.16-1.21.amzn1.i686
    php70-soap-7.0.16-1.21.amzn1.i686
    php70-imap-7.0.16-1.21.amzn1.i686
    php70-pdo-7.0.16-1.21.amzn1.i686
    php70-mcrypt-7.0.16-1.21.amzn1.i686
    php70-mbstring-7.0.16-1.21.amzn1.i686
    php70-fpm-7.0.16-1.21.amzn1.i686
    php70-dba-7.0.16-1.21.amzn1.i686
    php70-cli-7.0.16-1.21.amzn1.i686
    php70-pspell-7.0.16-1.21.amzn1.i686
    php70-dbg-7.0.16-1.21.amzn1.i686
    php70-pgsql-7.0.16-1.21.amzn1.i686
    php70-recode-7.0.16-1.21.amzn1.i686
    php70-xmlrpc-7.0.16-1.21.amzn1.i686
    php70-debuginfo-7.0.16-1.21.amzn1.i686
    php70-enchant-7.0.16-1.21.amzn1.i686
    php70-devel-7.0.16-1.21.amzn1.i686
    php70-json-7.0.16-1.21.amzn1.i686
    php70-snmp-7.0.16-1.21.amzn1.i686
    php70-odbc-7.0.16-1.21.amzn1.i686

src:
    php70-7.0.16-1.21.amzn1.src

x86_64:
    php70-process-7.0.16-1.21.amzn1.x86_64
    php70-opcache-7.0.16-1.21.amzn1.x86_64
    php70-xml-7.0.16-1.21.amzn1.x86_64
    php70-xmlrpc-7.0.16-1.21.amzn1.x86_64
    php70-cli-7.0.16-1.21.amzn1.x86_64
    php70-intl-7.0.16-1.21.amzn1.x86_64
    php70-tidy-7.0.16-1.21.amzn1.x86_64
    php70-common-7.0.16-1.21.amzn1.x86_64
    php70-bcmath-7.0.16-1.21.amzn1.x86_64
    php70-zip-7.0.16-1.21.amzn1.x86_64
    php70-gd-7.0.16-1.21.amzn1.x86_64
    php70-pspell-7.0.16-1.21.amzn1.x86_64
    php70-ldap-7.0.16-1.21.amzn1.x86_64
    php70-pdo-7.0.16-1.21.amzn1.x86_64
    php70-snmp-7.0.16-1.21.amzn1.x86_64
    php70-mbstring-7.0.16-1.21.amzn1.x86_64
    php70-soap-7.0.16-1.21.amzn1.x86_64
    php70-mcrypt-7.0.16-1.21.amzn1.x86_64
    php70-recode-7.0.16-1.21.amzn1.x86_64
    php70-json-7.0.16-1.21.amzn1.x86_64
    php70-dbg-7.0.16-1.21.amzn1.x86_64
    php70-odbc-7.0.16-1.21.amzn1.x86_64
    php70-gmp-7.0.16-1.21.amzn1.x86_64
    php70-7.0.16-1.21.amzn1.x86_64
    php70-fpm-7.0.16-1.21.amzn1.x86_64
    php70-dba-7.0.16-1.21.amzn1.x86_64
    php70-pgsql-7.0.16-1.21.amzn1.x86_64
    php70-mysqlnd-7.0.16-1.21.amzn1.x86_64
    php70-pdo-dblib-7.0.16-1.21.amzn1.x86_64
    php70-debuginfo-7.0.16-1.21.amzn1.x86_64
    php70-imap-7.0.16-1.21.amzn1.x86_64
    php70-devel-7.0.16-1.21.amzn1.x86_64
    php70-enchant-7.0.16-1.21.amzn1.x86_64
    php70-embedded-7.0.16-1.21.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2017-812.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Off-by-one error

EUVDB-ID: #VU12907

Risk: High

CVSSv3.1:

CVE-ID: CVE-2016-10160

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.

The weakness exists in the phar_parse_pharfile function in ext/phar/phar.c due to off-by-one error. A remote attacker can submit a specially crafted PHAR archive with an alias mismatch and cause the service to crash or execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update the affected packages.

i686:
    php70-common-7.0.16-1.21.amzn1.i686
    php70-7.0.16-1.21.amzn1.i686
    php70-bcmath-7.0.16-1.21.amzn1.i686
    php70-zip-7.0.16-1.21.amzn1.i686
    php70-xml-7.0.16-1.21.amzn1.i686
    php70-gmp-7.0.16-1.21.amzn1.i686
    php70-ldap-7.0.16-1.21.amzn1.i686
    php70-pdo-dblib-7.0.16-1.21.amzn1.i686
    php70-gd-7.0.16-1.21.amzn1.i686
    php70-mysqlnd-7.0.16-1.21.amzn1.i686
    php70-embedded-7.0.16-1.21.amzn1.i686
    php70-opcache-7.0.16-1.21.amzn1.i686
    php70-tidy-7.0.16-1.21.amzn1.i686
    php70-intl-7.0.16-1.21.amzn1.i686
    php70-process-7.0.16-1.21.amzn1.i686
    php70-soap-7.0.16-1.21.amzn1.i686
    php70-imap-7.0.16-1.21.amzn1.i686
    php70-pdo-7.0.16-1.21.amzn1.i686
    php70-mcrypt-7.0.16-1.21.amzn1.i686
    php70-mbstring-7.0.16-1.21.amzn1.i686
    php70-fpm-7.0.16-1.21.amzn1.i686
    php70-dba-7.0.16-1.21.amzn1.i686
    php70-cli-7.0.16-1.21.amzn1.i686
    php70-pspell-7.0.16-1.21.amzn1.i686
    php70-dbg-7.0.16-1.21.amzn1.i686
    php70-pgsql-7.0.16-1.21.amzn1.i686
    php70-recode-7.0.16-1.21.amzn1.i686
    php70-xmlrpc-7.0.16-1.21.amzn1.i686
    php70-debuginfo-7.0.16-1.21.amzn1.i686
    php70-enchant-7.0.16-1.21.amzn1.i686
    php70-devel-7.0.16-1.21.amzn1.i686
    php70-json-7.0.16-1.21.amzn1.i686
    php70-snmp-7.0.16-1.21.amzn1.i686
    php70-odbc-7.0.16-1.21.amzn1.i686

src:
    php70-7.0.16-1.21.amzn1.src

x86_64:
    php70-process-7.0.16-1.21.amzn1.x86_64
    php70-opcache-7.0.16-1.21.amzn1.x86_64
    php70-xml-7.0.16-1.21.amzn1.x86_64
    php70-xmlrpc-7.0.16-1.21.amzn1.x86_64
    php70-cli-7.0.16-1.21.amzn1.x86_64
    php70-intl-7.0.16-1.21.amzn1.x86_64
    php70-tidy-7.0.16-1.21.amzn1.x86_64
    php70-common-7.0.16-1.21.amzn1.x86_64
    php70-bcmath-7.0.16-1.21.amzn1.x86_64
    php70-zip-7.0.16-1.21.amzn1.x86_64
    php70-gd-7.0.16-1.21.amzn1.x86_64
    php70-pspell-7.0.16-1.21.amzn1.x86_64
    php70-ldap-7.0.16-1.21.amzn1.x86_64
    php70-pdo-7.0.16-1.21.amzn1.x86_64
    php70-snmp-7.0.16-1.21.amzn1.x86_64
    php70-mbstring-7.0.16-1.21.amzn1.x86_64
    php70-soap-7.0.16-1.21.amzn1.x86_64
    php70-mcrypt-7.0.16-1.21.amzn1.x86_64
    php70-recode-7.0.16-1.21.amzn1.x86_64
    php70-json-7.0.16-1.21.amzn1.x86_64
    php70-dbg-7.0.16-1.21.amzn1.x86_64
    php70-odbc-7.0.16-1.21.amzn1.x86_64
    php70-gmp-7.0.16-1.21.amzn1.x86_64
    php70-7.0.16-1.21.amzn1.x86_64
    php70-fpm-7.0.16-1.21.amzn1.x86_64
    php70-dba-7.0.16-1.21.amzn1.x86_64
    php70-pgsql-7.0.16-1.21.amzn1.x86_64
    php70-mysqlnd-7.0.16-1.21.amzn1.x86_64
    php70-pdo-dblib-7.0.16-1.21.amzn1.x86_64
    php70-debuginfo-7.0.16-1.21.amzn1.x86_64
    php70-imap-7.0.16-1.21.amzn1.x86_64
    php70-devel-7.0.16-1.21.amzn1.x86_64
    php70-enchant-7.0.16-1.21.amzn1.x86_64
    php70-embedded-7.0.16-1.21.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2017-812.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) NULL pointer dereference

EUVDB-ID: #VU12909

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2016-10162

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the php_wddx_pop_element function in ext/wddx/wddx.c due to NULL pointer dereference. A remote attacker can submit an inapplicable class name in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call, and cause the service to crash.

Mitigation

Update the affected packages.

i686:
    php70-common-7.0.16-1.21.amzn1.i686
    php70-7.0.16-1.21.amzn1.i686
    php70-bcmath-7.0.16-1.21.amzn1.i686
    php70-zip-7.0.16-1.21.amzn1.i686
    php70-xml-7.0.16-1.21.amzn1.i686
    php70-gmp-7.0.16-1.21.amzn1.i686
    php70-ldap-7.0.16-1.21.amzn1.i686
    php70-pdo-dblib-7.0.16-1.21.amzn1.i686
    php70-gd-7.0.16-1.21.amzn1.i686
    php70-mysqlnd-7.0.16-1.21.amzn1.i686
    php70-embedded-7.0.16-1.21.amzn1.i686
    php70-opcache-7.0.16-1.21.amzn1.i686
    php70-tidy-7.0.16-1.21.amzn1.i686
    php70-intl-7.0.16-1.21.amzn1.i686
    php70-process-7.0.16-1.21.amzn1.i686
    php70-soap-7.0.16-1.21.amzn1.i686
    php70-imap-7.0.16-1.21.amzn1.i686
    php70-pdo-7.0.16-1.21.amzn1.i686
    php70-mcrypt-7.0.16-1.21.amzn1.i686
    php70-mbstring-7.0.16-1.21.amzn1.i686
    php70-fpm-7.0.16-1.21.amzn1.i686
    php70-dba-7.0.16-1.21.amzn1.i686
    php70-cli-7.0.16-1.21.amzn1.i686
    php70-pspell-7.0.16-1.21.amzn1.i686
    php70-dbg-7.0.16-1.21.amzn1.i686
    php70-pgsql-7.0.16-1.21.amzn1.i686
    php70-recode-7.0.16-1.21.amzn1.i686
    php70-xmlrpc-7.0.16-1.21.amzn1.i686
    php70-debuginfo-7.0.16-1.21.amzn1.i686
    php70-enchant-7.0.16-1.21.amzn1.i686
    php70-devel-7.0.16-1.21.amzn1.i686
    php70-json-7.0.16-1.21.amzn1.i686
    php70-snmp-7.0.16-1.21.amzn1.i686
    php70-odbc-7.0.16-1.21.amzn1.i686

src:
    php70-7.0.16-1.21.amzn1.src

x86_64:
    php70-process-7.0.16-1.21.amzn1.x86_64
    php70-opcache-7.0.16-1.21.amzn1.x86_64
    php70-xml-7.0.16-1.21.amzn1.x86_64
    php70-xmlrpc-7.0.16-1.21.amzn1.x86_64
    php70-cli-7.0.16-1.21.amzn1.x86_64
    php70-intl-7.0.16-1.21.amzn1.x86_64
    php70-tidy-7.0.16-1.21.amzn1.x86_64
    php70-common-7.0.16-1.21.amzn1.x86_64
    php70-bcmath-7.0.16-1.21.amzn1.x86_64
    php70-zip-7.0.16-1.21.amzn1.x86_64
    php70-gd-7.0.16-1.21.amzn1.x86_64
    php70-pspell-7.0.16-1.21.amzn1.x86_64
    php70-ldap-7.0.16-1.21.amzn1.x86_64
    php70-pdo-7.0.16-1.21.amzn1.x86_64
    php70-snmp-7.0.16-1.21.amzn1.x86_64
    php70-mbstring-7.0.16-1.21.amzn1.x86_64
    php70-soap-7.0.16-1.21.amzn1.x86_64
    php70-mcrypt-7.0.16-1.21.amzn1.x86_64
    php70-recode-7.0.16-1.21.amzn1.x86_64
    php70-json-7.0.16-1.21.amzn1.x86_64
    php70-dbg-7.0.16-1.21.amzn1.x86_64
    php70-odbc-7.0.16-1.21.amzn1.x86_64
    php70-gmp-7.0.16-1.21.amzn1.x86_64
    php70-7.0.16-1.21.amzn1.x86_64
    php70-fpm-7.0.16-1.21.amzn1.x86_64
    php70-dba-7.0.16-1.21.amzn1.x86_64
    php70-pgsql-7.0.16-1.21.amzn1.x86_64
    php70-mysqlnd-7.0.16-1.21.amzn1.x86_64
    php70-pdo-dblib-7.0.16-1.21.amzn1.x86_64
    php70-debuginfo-7.0.16-1.21.amzn1.x86_64
    php70-imap-7.0.16-1.21.amzn1.x86_64
    php70-devel-7.0.16-1.21.amzn1.x86_64
    php70-enchant-7.0.16-1.21.amzn1.x86_64
    php70-embedded-7.0.16-1.21.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2017-812.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Incorrect calculation

EUVDB-ID: #VU12905

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2016-10158

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the exif_convert_any_to_int function in ext/exif/exif.c due to numeric errors. A remote attacker can submit specially crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1 and cause the service to crash.

Mitigation

Update the affected packages.

i686:
    php70-common-7.0.16-1.21.amzn1.i686
    php70-7.0.16-1.21.amzn1.i686
    php70-bcmath-7.0.16-1.21.amzn1.i686
    php70-zip-7.0.16-1.21.amzn1.i686
    php70-xml-7.0.16-1.21.amzn1.i686
    php70-gmp-7.0.16-1.21.amzn1.i686
    php70-ldap-7.0.16-1.21.amzn1.i686
    php70-pdo-dblib-7.0.16-1.21.amzn1.i686
    php70-gd-7.0.16-1.21.amzn1.i686
    php70-mysqlnd-7.0.16-1.21.amzn1.i686
    php70-embedded-7.0.16-1.21.amzn1.i686
    php70-opcache-7.0.16-1.21.amzn1.i686
    php70-tidy-7.0.16-1.21.amzn1.i686
    php70-intl-7.0.16-1.21.amzn1.i686
    php70-process-7.0.16-1.21.amzn1.i686
    php70-soap-7.0.16-1.21.amzn1.i686
    php70-imap-7.0.16-1.21.amzn1.i686
    php70-pdo-7.0.16-1.21.amzn1.i686
    php70-mcrypt-7.0.16-1.21.amzn1.i686
    php70-mbstring-7.0.16-1.21.amzn1.i686
    php70-fpm-7.0.16-1.21.amzn1.i686
    php70-dba-7.0.16-1.21.amzn1.i686
    php70-cli-7.0.16-1.21.amzn1.i686
    php70-pspell-7.0.16-1.21.amzn1.i686
    php70-dbg-7.0.16-1.21.amzn1.i686
    php70-pgsql-7.0.16-1.21.amzn1.i686
    php70-recode-7.0.16-1.21.amzn1.i686
    php70-xmlrpc-7.0.16-1.21.amzn1.i686
    php70-debuginfo-7.0.16-1.21.amzn1.i686
    php70-enchant-7.0.16-1.21.amzn1.i686
    php70-devel-7.0.16-1.21.amzn1.i686
    php70-json-7.0.16-1.21.amzn1.i686
    php70-snmp-7.0.16-1.21.amzn1.i686
    php70-odbc-7.0.16-1.21.amzn1.i686

src:
    php70-7.0.16-1.21.amzn1.src

x86_64:
    php70-process-7.0.16-1.21.amzn1.x86_64
    php70-opcache-7.0.16-1.21.amzn1.x86_64
    php70-xml-7.0.16-1.21.amzn1.x86_64
    php70-xmlrpc-7.0.16-1.21.amzn1.x86_64
    php70-cli-7.0.16-1.21.amzn1.x86_64
    php70-intl-7.0.16-1.21.amzn1.x86_64
    php70-tidy-7.0.16-1.21.amzn1.x86_64
    php70-common-7.0.16-1.21.amzn1.x86_64
    php70-bcmath-7.0.16-1.21.amzn1.x86_64
    php70-zip-7.0.16-1.21.amzn1.x86_64
    php70-gd-7.0.16-1.21.amzn1.x86_64
    php70-pspell-7.0.16-1.21.amzn1.x86_64
    php70-ldap-7.0.16-1.21.amzn1.x86_64
    php70-pdo-7.0.16-1.21.amzn1.x86_64
    php70-snmp-7.0.16-1.21.amzn1.x86_64
    php70-mbstring-7.0.16-1.21.amzn1.x86_64
    php70-soap-7.0.16-1.21.amzn1.x86_64
    php70-mcrypt-7.0.16-1.21.amzn1.x86_64
    php70-recode-7.0.16-1.21.amzn1.x86_64
    php70-json-7.0.16-1.21.amzn1.x86_64
    php70-dbg-7.0.16-1.21.amzn1.x86_64
    php70-odbc-7.0.16-1.21.amzn1.x86_64
    php70-gmp-7.0.16-1.21.amzn1.x86_64
    php70-7.0.16-1.21.amzn1.x86_64
    php70-fpm-7.0.16-1.21.amzn1.x86_64
    php70-dba-7.0.16-1.21.amzn1.x86_64
    php70-pgsql-7.0.16-1.21.amzn1.x86_64
    php70-mysqlnd-7.0.16-1.21.amzn1.x86_64
    php70-pdo-dblib-7.0.16-1.21.amzn1.x86_64
    php70-debuginfo-7.0.16-1.21.amzn1.x86_64
    php70-imap-7.0.16-1.21.amzn1.x86_64
    php70-devel-7.0.16-1.21.amzn1.x86_64
    php70-enchant-7.0.16-1.21.amzn1.x86_64
    php70-embedded-7.0.16-1.21.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2017-812.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Integer overflow

EUVDB-ID: #VU12906

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2016-10159

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the phar_parse_pharfile function in ext/phar/phar.c due to integer overflow. A remote attacker can submit a truncated manifest entry in a PHAR archive and cause the service to crash.

Mitigation

Update the affected packages.

i686:
    php70-common-7.0.16-1.21.amzn1.i686
    php70-7.0.16-1.21.amzn1.i686
    php70-bcmath-7.0.16-1.21.amzn1.i686
    php70-zip-7.0.16-1.21.amzn1.i686
    php70-xml-7.0.16-1.21.amzn1.i686
    php70-gmp-7.0.16-1.21.amzn1.i686
    php70-ldap-7.0.16-1.21.amzn1.i686
    php70-pdo-dblib-7.0.16-1.21.amzn1.i686
    php70-gd-7.0.16-1.21.amzn1.i686
    php70-mysqlnd-7.0.16-1.21.amzn1.i686
    php70-embedded-7.0.16-1.21.amzn1.i686
    php70-opcache-7.0.16-1.21.amzn1.i686
    php70-tidy-7.0.16-1.21.amzn1.i686
    php70-intl-7.0.16-1.21.amzn1.i686
    php70-process-7.0.16-1.21.amzn1.i686
    php70-soap-7.0.16-1.21.amzn1.i686
    php70-imap-7.0.16-1.21.amzn1.i686
    php70-pdo-7.0.16-1.21.amzn1.i686
    php70-mcrypt-7.0.16-1.21.amzn1.i686
    php70-mbstring-7.0.16-1.21.amzn1.i686
    php70-fpm-7.0.16-1.21.amzn1.i686
    php70-dba-7.0.16-1.21.amzn1.i686
    php70-cli-7.0.16-1.21.amzn1.i686
    php70-pspell-7.0.16-1.21.amzn1.i686
    php70-dbg-7.0.16-1.21.amzn1.i686
    php70-pgsql-7.0.16-1.21.amzn1.i686
    php70-recode-7.0.16-1.21.amzn1.i686
    php70-xmlrpc-7.0.16-1.21.amzn1.i686
    php70-debuginfo-7.0.16-1.21.amzn1.i686
    php70-enchant-7.0.16-1.21.amzn1.i686
    php70-devel-7.0.16-1.21.amzn1.i686
    php70-json-7.0.16-1.21.amzn1.i686
    php70-snmp-7.0.16-1.21.amzn1.i686
    php70-odbc-7.0.16-1.21.amzn1.i686

src:
    php70-7.0.16-1.21.amzn1.src

x86_64:
    php70-process-7.0.16-1.21.amzn1.x86_64
    php70-opcache-7.0.16-1.21.amzn1.x86_64
    php70-xml-7.0.16-1.21.amzn1.x86_64
    php70-xmlrpc-7.0.16-1.21.amzn1.x86_64
    php70-cli-7.0.16-1.21.amzn1.x86_64
    php70-intl-7.0.16-1.21.amzn1.x86_64
    php70-tidy-7.0.16-1.21.amzn1.x86_64
    php70-common-7.0.16-1.21.amzn1.x86_64
    php70-bcmath-7.0.16-1.21.amzn1.x86_64
    php70-zip-7.0.16-1.21.amzn1.x86_64
    php70-gd-7.0.16-1.21.amzn1.x86_64
    php70-pspell-7.0.16-1.21.amzn1.x86_64
    php70-ldap-7.0.16-1.21.amzn1.x86_64
    php70-pdo-7.0.16-1.21.amzn1.x86_64
    php70-snmp-7.0.16-1.21.amzn1.x86_64
    php70-mbstring-7.0.16-1.21.amzn1.x86_64
    php70-soap-7.0.16-1.21.amzn1.x86_64
    php70-mcrypt-7.0.16-1.21.amzn1.x86_64
    php70-recode-7.0.16-1.21.amzn1.x86_64
    php70-json-7.0.16-1.21.amzn1.x86_64
    php70-dbg-7.0.16-1.21.amzn1.x86_64
    php70-odbc-7.0.16-1.21.amzn1.x86_64
    php70-gmp-7.0.16-1.21.amzn1.x86_64
    php70-7.0.16-1.21.amzn1.x86_64
    php70-fpm-7.0.16-1.21.amzn1.x86_64
    php70-dba-7.0.16-1.21.amzn1.x86_64
    php70-pgsql-7.0.16-1.21.amzn1.x86_64
    php70-mysqlnd-7.0.16-1.21.amzn1.x86_64
    php70-pdo-dblib-7.0.16-1.21.amzn1.x86_64
    php70-debuginfo-7.0.16-1.21.amzn1.x86_64
    php70-imap-7.0.16-1.21.amzn1.x86_64
    php70-devel-7.0.16-1.21.amzn1.x86_64
    php70-enchant-7.0.16-1.21.amzn1.x86_64
    php70-embedded-7.0.16-1.21.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2017-812.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Improper input validation

EUVDB-ID: #VU7575

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2016-10167

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation when processing images in gdImageCreateFromGd2Ctx() function in gd_gd2.c. A remote attacker can supply a malformed image and crash the application, using the affected library.

Mitigation

Update the affected packages.

i686:
    php70-common-7.0.16-1.21.amzn1.i686
    php70-7.0.16-1.21.amzn1.i686
    php70-bcmath-7.0.16-1.21.amzn1.i686
    php70-zip-7.0.16-1.21.amzn1.i686
    php70-xml-7.0.16-1.21.amzn1.i686
    php70-gmp-7.0.16-1.21.amzn1.i686
    php70-ldap-7.0.16-1.21.amzn1.i686
    php70-pdo-dblib-7.0.16-1.21.amzn1.i686
    php70-gd-7.0.16-1.21.amzn1.i686
    php70-mysqlnd-7.0.16-1.21.amzn1.i686
    php70-embedded-7.0.16-1.21.amzn1.i686
    php70-opcache-7.0.16-1.21.amzn1.i686
    php70-tidy-7.0.16-1.21.amzn1.i686
    php70-intl-7.0.16-1.21.amzn1.i686
    php70-process-7.0.16-1.21.amzn1.i686
    php70-soap-7.0.16-1.21.amzn1.i686
    php70-imap-7.0.16-1.21.amzn1.i686
    php70-pdo-7.0.16-1.21.amzn1.i686
    php70-mcrypt-7.0.16-1.21.amzn1.i686
    php70-mbstring-7.0.16-1.21.amzn1.i686
    php70-fpm-7.0.16-1.21.amzn1.i686
    php70-dba-7.0.16-1.21.amzn1.i686
    php70-cli-7.0.16-1.21.amzn1.i686
    php70-pspell-7.0.16-1.21.amzn1.i686
    php70-dbg-7.0.16-1.21.amzn1.i686
    php70-pgsql-7.0.16-1.21.amzn1.i686
    php70-recode-7.0.16-1.21.amzn1.i686
    php70-xmlrpc-7.0.16-1.21.amzn1.i686
    php70-debuginfo-7.0.16-1.21.amzn1.i686
    php70-enchant-7.0.16-1.21.amzn1.i686
    php70-devel-7.0.16-1.21.amzn1.i686
    php70-json-7.0.16-1.21.amzn1.i686
    php70-snmp-7.0.16-1.21.amzn1.i686
    php70-odbc-7.0.16-1.21.amzn1.i686

src:
    php70-7.0.16-1.21.amzn1.src

x86_64:
    php70-process-7.0.16-1.21.amzn1.x86_64
    php70-opcache-7.0.16-1.21.amzn1.x86_64
    php70-xml-7.0.16-1.21.amzn1.x86_64
    php70-xmlrpc-7.0.16-1.21.amzn1.x86_64
    php70-cli-7.0.16-1.21.amzn1.x86_64
    php70-intl-7.0.16-1.21.amzn1.x86_64
    php70-tidy-7.0.16-1.21.amzn1.x86_64
    php70-common-7.0.16-1.21.amzn1.x86_64
    php70-bcmath-7.0.16-1.21.amzn1.x86_64
    php70-zip-7.0.16-1.21.amzn1.x86_64
    php70-gd-7.0.16-1.21.amzn1.x86_64
    php70-pspell-7.0.16-1.21.amzn1.x86_64
    php70-ldap-7.0.16-1.21.amzn1.x86_64
    php70-pdo-7.0.16-1.21.amzn1.x86_64
    php70-snmp-7.0.16-1.21.amzn1.x86_64
    php70-mbstring-7.0.16-1.21.amzn1.x86_64
    php70-soap-7.0.16-1.21.amzn1.x86_64
    php70-mcrypt-7.0.16-1.21.amzn1.x86_64
    php70-recode-7.0.16-1.21.amzn1.x86_64
    php70-json-7.0.16-1.21.amzn1.x86_64
    php70-dbg-7.0.16-1.21.amzn1.x86_64
    php70-odbc-7.0.16-1.21.amzn1.x86_64
    php70-gmp-7.0.16-1.21.amzn1.x86_64
    php70-7.0.16-1.21.amzn1.x86_64
    php70-fpm-7.0.16-1.21.amzn1.x86_64
    php70-dba-7.0.16-1.21.amzn1.x86_64
    php70-pgsql-7.0.16-1.21.amzn1.x86_64
    php70-mysqlnd-7.0.16-1.21.amzn1.x86_64
    php70-pdo-dblib-7.0.16-1.21.amzn1.x86_64
    php70-debuginfo-7.0.16-1.21.amzn1.x86_64
    php70-imap-7.0.16-1.21.amzn1.x86_64
    php70-devel-7.0.16-1.21.amzn1.x86_64
    php70-enchant-7.0.16-1.21.amzn1.x86_64
    php70-embedded-7.0.16-1.21.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2017-812.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Integer overflow

EUVDB-ID: #VU12910

Risk: High

CVSSv3.1:

CVE-ID: CVE-2017-5340

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.

The weakness exists in zend/zend_hash.c due to mishandling certain cases that require large array allocations. A remote attacker can submit specially crafted serialized data and cause the service to crash or execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update the affected packages.

i686:
    php70-common-7.0.16-1.21.amzn1.i686
    php70-7.0.16-1.21.amzn1.i686
    php70-bcmath-7.0.16-1.21.amzn1.i686
    php70-zip-7.0.16-1.21.amzn1.i686
    php70-xml-7.0.16-1.21.amzn1.i686
    php70-gmp-7.0.16-1.21.amzn1.i686
    php70-ldap-7.0.16-1.21.amzn1.i686
    php70-pdo-dblib-7.0.16-1.21.amzn1.i686
    php70-gd-7.0.16-1.21.amzn1.i686
    php70-mysqlnd-7.0.16-1.21.amzn1.i686
    php70-embedded-7.0.16-1.21.amzn1.i686
    php70-opcache-7.0.16-1.21.amzn1.i686
    php70-tidy-7.0.16-1.21.amzn1.i686
    php70-intl-7.0.16-1.21.amzn1.i686
    php70-process-7.0.16-1.21.amzn1.i686
    php70-soap-7.0.16-1.21.amzn1.i686
    php70-imap-7.0.16-1.21.amzn1.i686
    php70-pdo-7.0.16-1.21.amzn1.i686
    php70-mcrypt-7.0.16-1.21.amzn1.i686
    php70-mbstring-7.0.16-1.21.amzn1.i686
    php70-fpm-7.0.16-1.21.amzn1.i686
    php70-dba-7.0.16-1.21.amzn1.i686
    php70-cli-7.0.16-1.21.amzn1.i686
    php70-pspell-7.0.16-1.21.amzn1.i686
    php70-dbg-7.0.16-1.21.amzn1.i686
    php70-pgsql-7.0.16-1.21.amzn1.i686
    php70-recode-7.0.16-1.21.amzn1.i686
    php70-xmlrpc-7.0.16-1.21.amzn1.i686
    php70-debuginfo-7.0.16-1.21.amzn1.i686
    php70-enchant-7.0.16-1.21.amzn1.i686
    php70-devel-7.0.16-1.21.amzn1.i686
    php70-json-7.0.16-1.21.amzn1.i686
    php70-snmp-7.0.16-1.21.amzn1.i686
    php70-odbc-7.0.16-1.21.amzn1.i686

src:
    php70-7.0.16-1.21.amzn1.src

x86_64:
    php70-process-7.0.16-1.21.amzn1.x86_64
    php70-opcache-7.0.16-1.21.amzn1.x86_64
    php70-xml-7.0.16-1.21.amzn1.x86_64
    php70-xmlrpc-7.0.16-1.21.amzn1.x86_64
    php70-cli-7.0.16-1.21.amzn1.x86_64
    php70-intl-7.0.16-1.21.amzn1.x86_64
    php70-tidy-7.0.16-1.21.amzn1.x86_64
    php70-common-7.0.16-1.21.amzn1.x86_64
    php70-bcmath-7.0.16-1.21.amzn1.x86_64
    php70-zip-7.0.16-1.21.amzn1.x86_64
    php70-gd-7.0.16-1.21.amzn1.x86_64
    php70-pspell-7.0.16-1.21.amzn1.x86_64
    php70-ldap-7.0.16-1.21.amzn1.x86_64
    php70-pdo-7.0.16-1.21.amzn1.x86_64
    php70-snmp-7.0.16-1.21.amzn1.x86_64
    php70-mbstring-7.0.16-1.21.amzn1.x86_64
    php70-soap-7.0.16-1.21.amzn1.x86_64
    php70-mcrypt-7.0.16-1.21.amzn1.x86_64
    php70-recode-7.0.16-1.21.amzn1.x86_64
    php70-json-7.0.16-1.21.amzn1.x86_64
    php70-dbg-7.0.16-1.21.amzn1.x86_64
    php70-odbc-7.0.16-1.21.amzn1.x86_64
    php70-gmp-7.0.16-1.21.amzn1.x86_64
    php70-7.0.16-1.21.amzn1.x86_64
    php70-fpm-7.0.16-1.21.amzn1.x86_64
    php70-dba-7.0.16-1.21.amzn1.x86_64
    php70-pgsql-7.0.16-1.21.amzn1.x86_64
    php70-mysqlnd-7.0.16-1.21.amzn1.x86_64
    php70-pdo-dblib-7.0.16-1.21.amzn1.x86_64
    php70-debuginfo-7.0.16-1.21.amzn1.x86_64
    php70-imap-7.0.16-1.21.amzn1.x86_64
    php70-devel-7.0.16-1.21.amzn1.x86_64
    php70-enchant-7.0.16-1.21.amzn1.x86_64
    php70-embedded-7.0.16-1.21.amzn1.x86_64

Vulnerable software versions

Amazon Linux AMI: All versions


CPE2.3 External links

http://alas.aws.amazon.com/ALAS-2017-812.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###