SB2023011201 - SUSE update for php74

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Out-of-bounds read (CVE-ID: CVE-2014-9709)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5,. A remote attacker can perform a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function.

2) Security restrictions bypass (CVE-ID: CVE-2015-3411)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences. A remote attacker can read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename.xml attack that bypasses an intended configuration in which client users may read only .xml files.

3) Integer overflow (CVE-ID: CVE-2022-31631)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to integer overflow when processing untrusted input within the PDO::quote() in PDO_SQLite. A remote attacker can pass a specially crafted input to the application that after being processed by the affected PDO::quote() method will return a quoted string, which can result in a SQL injection.

Remediation

Install update from vendor's website.

References

• https://www.suse.com/support/update/announcement/2023/suse-su-20230072-1/