Amazon Linux AMI update for php54
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2014-3669 CVE-2014-3668 CVE-2014-3670 |
| CWE-ID | CWE-190 CWE-119 CWE-122 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Amazon Linux AMI Operating systems & Components / Operating system |
| Vendor | Amazon Web Services |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Integer overflow
EUVDB-ID: #VU16098
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2014-3669
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2. A remote attacker can trigger memory corruption via an argument to the unserialize function that triggers calculation of a large length value and cause the service to crash or execute arbitrary code.
MitigationUpdate the affected packages:
i686:Vulnerable software versions
php54-debuginfo-5.4.34-1.62.amzn1.i686
php54-mbstring-5.4.34-1.62.amzn1.i686
php54-5.4.34-1.62.amzn1.i686
php54-xml-5.4.34-1.62.amzn1.i686
php54-devel-5.4.34-1.62.amzn1.i686
php54-bcmath-5.4.34-1.62.amzn1.i686
php54-odbc-5.4.34-1.62.amzn1.i686
php54-snmp-5.4.34-1.62.amzn1.i686
php54-gd-5.4.34-1.62.amzn1.i686
php54-soap-5.4.34-1.62.amzn1.i686
php54-xmlrpc-5.4.34-1.62.amzn1.i686
php54-intl-5.4.34-1.62.amzn1.i686
php54-fpm-5.4.34-1.62.amzn1.i686
php54-pdo-5.4.34-1.62.amzn1.i686
php54-mssql-5.4.34-1.62.amzn1.i686
php54-imap-5.4.34-1.62.amzn1.i686
php54-mysql-5.4.34-1.62.amzn1.i686
php54-pgsql-5.4.34-1.62.amzn1.i686
php54-embedded-5.4.34-1.62.amzn1.i686
php54-pspell-5.4.34-1.62.amzn1.i686
php54-enchant-5.4.34-1.62.amzn1.i686
php54-common-5.4.34-1.62.amzn1.i686
php54-recode-5.4.34-1.62.amzn1.i686
php54-dba-5.4.34-1.62.amzn1.i686
php54-ldap-5.4.34-1.62.amzn1.i686
php54-cli-5.4.34-1.62.amzn1.i686
php54-tidy-5.4.34-1.62.amzn1.i686
php54-mcrypt-5.4.34-1.62.amzn1.i686
php54-mysqlnd-5.4.34-1.62.amzn1.i686
php54-process-5.4.34-1.62.amzn1.i686
src:
php54-5.4.34-1.62.amzn1.src
x86_64:
php54-fpm-5.4.34-1.62.amzn1.x86_64
php54-5.4.34-1.62.amzn1.x86_64
php54-mssql-5.4.34-1.62.amzn1.x86_64
php54-debuginfo-5.4.34-1.62.amzn1.x86_64
php54-gd-5.4.34-1.62.amzn1.x86_64
php54-imap-5.4.34-1.62.amzn1.x86_64
php54-embedded-5.4.34-1.62.amzn1.x86_64
php54-mcrypt-5.4.34-1.62.amzn1.x86_64
php54-pdo-5.4.34-1.62.amzn1.x86_64
php54-pgsql-5.4.34-1.62.amzn1.x86_64
php54-common-5.4.34-1.62.amzn1.x86_64
php54-dba-5.4.34-1.62.amzn1.x86_64
php54-tidy-5.4.34-1.62.amzn1.x86_64
php54-bcmath-5.4.34-1.62.amzn1.x86_64
php54-odbc-5.4.34-1.62.amzn1.x86_64
php54-mysql-5.4.34-1.62.amzn1.x86_64
php54-cli-5.4.34-1.62.amzn1.x86_64
php54-ldap-5.4.34-1.62.amzn1.x86_64
php54-process-5.4.34-1.62.amzn1.x86_64
php54-snmp-5.4.34-1.62.amzn1.x86_64
php54-devel-5.4.34-1.62.amzn1.x86_64
php54-mbstring-5.4.34-1.62.amzn1.x86_64
php54-soap-5.4.34-1.62.amzn1.x86_64
php54-enchant-5.4.34-1.62.amzn1.x86_64
php54-pspell-5.4.34-1.62.amzn1.x86_64
php54-mysqlnd-5.4.34-1.62.amzn1.x86_64
php54-intl-5.4.34-1.62.amzn1.x86_64
php54-xml-5.4.34-1.62.amzn1.x86_64
php54-xmlrpc-5.4.34-1.62.amzn1.x86_64
php54-recode-5.4.34-1.62.amzn1.x86_64
Amazon Linux AMI: All versions
CPE2.3 External linkshttps://alas.aws.amazon.com/ALAS-2014-434.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU16097
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2014-3668
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2. A remote attacker can trigger memory corruption via a crafted first argument to the xmlrpc_set_type function or (2) a crafted argument to the xmlrpc_decode function, related to an out-of-bounds read operation and cause the service to crash.
MitigationUpdate the affected packages:
i686:Vulnerable software versions
php54-debuginfo-5.4.34-1.62.amzn1.i686
php54-mbstring-5.4.34-1.62.amzn1.i686
php54-5.4.34-1.62.amzn1.i686
php54-xml-5.4.34-1.62.amzn1.i686
php54-devel-5.4.34-1.62.amzn1.i686
php54-bcmath-5.4.34-1.62.amzn1.i686
php54-odbc-5.4.34-1.62.amzn1.i686
php54-snmp-5.4.34-1.62.amzn1.i686
php54-gd-5.4.34-1.62.amzn1.i686
php54-soap-5.4.34-1.62.amzn1.i686
php54-xmlrpc-5.4.34-1.62.amzn1.i686
php54-intl-5.4.34-1.62.amzn1.i686
php54-fpm-5.4.34-1.62.amzn1.i686
php54-pdo-5.4.34-1.62.amzn1.i686
php54-mssql-5.4.34-1.62.amzn1.i686
php54-imap-5.4.34-1.62.amzn1.i686
php54-mysql-5.4.34-1.62.amzn1.i686
php54-pgsql-5.4.34-1.62.amzn1.i686
php54-embedded-5.4.34-1.62.amzn1.i686
php54-pspell-5.4.34-1.62.amzn1.i686
php54-enchant-5.4.34-1.62.amzn1.i686
php54-common-5.4.34-1.62.amzn1.i686
php54-recode-5.4.34-1.62.amzn1.i686
php54-dba-5.4.34-1.62.amzn1.i686
php54-ldap-5.4.34-1.62.amzn1.i686
php54-cli-5.4.34-1.62.amzn1.i686
php54-tidy-5.4.34-1.62.amzn1.i686
php54-mcrypt-5.4.34-1.62.amzn1.i686
php54-mysqlnd-5.4.34-1.62.amzn1.i686
php54-process-5.4.34-1.62.amzn1.i686
src:
php54-5.4.34-1.62.amzn1.src
x86_64:
php54-fpm-5.4.34-1.62.amzn1.x86_64
php54-5.4.34-1.62.amzn1.x86_64
php54-mssql-5.4.34-1.62.amzn1.x86_64
php54-debuginfo-5.4.34-1.62.amzn1.x86_64
php54-gd-5.4.34-1.62.amzn1.x86_64
php54-imap-5.4.34-1.62.amzn1.x86_64
php54-embedded-5.4.34-1.62.amzn1.x86_64
php54-mcrypt-5.4.34-1.62.amzn1.x86_64
php54-pdo-5.4.34-1.62.amzn1.x86_64
php54-pgsql-5.4.34-1.62.amzn1.x86_64
php54-common-5.4.34-1.62.amzn1.x86_64
php54-dba-5.4.34-1.62.amzn1.x86_64
php54-tidy-5.4.34-1.62.amzn1.x86_64
php54-bcmath-5.4.34-1.62.amzn1.x86_64
php54-odbc-5.4.34-1.62.amzn1.x86_64
php54-mysql-5.4.34-1.62.amzn1.x86_64
php54-cli-5.4.34-1.62.amzn1.x86_64
php54-ldap-5.4.34-1.62.amzn1.x86_64
php54-process-5.4.34-1.62.amzn1.x86_64
php54-snmp-5.4.34-1.62.amzn1.x86_64
php54-devel-5.4.34-1.62.amzn1.x86_64
php54-mbstring-5.4.34-1.62.amzn1.x86_64
php54-soap-5.4.34-1.62.amzn1.x86_64
php54-enchant-5.4.34-1.62.amzn1.x86_64
php54-pspell-5.4.34-1.62.amzn1.x86_64
php54-mysqlnd-5.4.34-1.62.amzn1.x86_64
php54-intl-5.4.34-1.62.amzn1.x86_64
php54-xml-5.4.34-1.62.amzn1.x86_64
php54-xmlrpc-5.4.34-1.62.amzn1.x86_64
php54-recode-5.4.34-1.62.amzn1.x86_64
Amazon Linux AMI: All versions
CPE2.3 External linkshttps://alas.aws.amazon.com/ALAS-2014-434.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Heap-based buffer overflow
EUVDB-ID: #VU16099
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2014-3670
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to heap-based buffer overflow when exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly. A remote attacker can trigger memory corruption via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function and cause the application to crash or execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected packages:
i686:Vulnerable software versions
php54-debuginfo-5.4.34-1.62.amzn1.i686
php54-mbstring-5.4.34-1.62.amzn1.i686
php54-5.4.34-1.62.amzn1.i686
php54-xml-5.4.34-1.62.amzn1.i686
php54-devel-5.4.34-1.62.amzn1.i686
php54-bcmath-5.4.34-1.62.amzn1.i686
php54-odbc-5.4.34-1.62.amzn1.i686
php54-snmp-5.4.34-1.62.amzn1.i686
php54-gd-5.4.34-1.62.amzn1.i686
php54-soap-5.4.34-1.62.amzn1.i686
php54-xmlrpc-5.4.34-1.62.amzn1.i686
php54-intl-5.4.34-1.62.amzn1.i686
php54-fpm-5.4.34-1.62.amzn1.i686
php54-pdo-5.4.34-1.62.amzn1.i686
php54-mssql-5.4.34-1.62.amzn1.i686
php54-imap-5.4.34-1.62.amzn1.i686
php54-mysql-5.4.34-1.62.amzn1.i686
php54-pgsql-5.4.34-1.62.amzn1.i686
php54-embedded-5.4.34-1.62.amzn1.i686
php54-pspell-5.4.34-1.62.amzn1.i686
php54-enchant-5.4.34-1.62.amzn1.i686
php54-common-5.4.34-1.62.amzn1.i686
php54-recode-5.4.34-1.62.amzn1.i686
php54-dba-5.4.34-1.62.amzn1.i686
php54-ldap-5.4.34-1.62.amzn1.i686
php54-cli-5.4.34-1.62.amzn1.i686
php54-tidy-5.4.34-1.62.amzn1.i686
php54-mcrypt-5.4.34-1.62.amzn1.i686
php54-mysqlnd-5.4.34-1.62.amzn1.i686
php54-process-5.4.34-1.62.amzn1.i686
src:
php54-5.4.34-1.62.amzn1.src
x86_64:
php54-fpm-5.4.34-1.62.amzn1.x86_64
php54-5.4.34-1.62.amzn1.x86_64
php54-mssql-5.4.34-1.62.amzn1.x86_64
php54-debuginfo-5.4.34-1.62.amzn1.x86_64
php54-gd-5.4.34-1.62.amzn1.x86_64
php54-imap-5.4.34-1.62.amzn1.x86_64
php54-embedded-5.4.34-1.62.amzn1.x86_64
php54-mcrypt-5.4.34-1.62.amzn1.x86_64
php54-pdo-5.4.34-1.62.amzn1.x86_64
php54-pgsql-5.4.34-1.62.amzn1.x86_64
php54-common-5.4.34-1.62.amzn1.x86_64
php54-dba-5.4.34-1.62.amzn1.x86_64
php54-tidy-5.4.34-1.62.amzn1.x86_64
php54-bcmath-5.4.34-1.62.amzn1.x86_64
php54-odbc-5.4.34-1.62.amzn1.x86_64
php54-mysql-5.4.34-1.62.amzn1.x86_64
php54-cli-5.4.34-1.62.amzn1.x86_64
php54-ldap-5.4.34-1.62.amzn1.x86_64
php54-process-5.4.34-1.62.amzn1.x86_64
php54-snmp-5.4.34-1.62.amzn1.x86_64
php54-devel-5.4.34-1.62.amzn1.x86_64
php54-mbstring-5.4.34-1.62.amzn1.x86_64
php54-soap-5.4.34-1.62.amzn1.x86_64
php54-enchant-5.4.34-1.62.amzn1.x86_64
php54-pspell-5.4.34-1.62.amzn1.x86_64
php54-mysqlnd-5.4.34-1.62.amzn1.x86_64
php54-intl-5.4.34-1.62.amzn1.x86_64
php54-xml-5.4.34-1.62.amzn1.x86_64
php54-xmlrpc-5.4.34-1.62.amzn1.x86_64
php54-recode-5.4.34-1.62.amzn1.x86_64
Amazon Linux AMI: All versions
CPE2.3 External linkshttps://alas.aws.amazon.com/ALAS-2014-434.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
