SB2015031801 - Ubuntu update for PHP 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2015031801

SB2015031801 - Ubuntu update for PHP

Published: March 18, 2015 Updated: November 27, 2018

Security Bulletin ID SB2015031801
Severity
High
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Resource exhaustion (CVE-ID: CVE-2014-8117)

The vulnerability allows a remote attacker to cause DoS condition.

The weakness exists due to resource exhaustion when softmagic.c in file before 5.21 does not properly limit recursion. A remote attacker can trigger CPU consumption and cause the service to crash.

2) Heap-based buffer overflow (CVE-ID: CVE-2014-9705)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6. A remote attacker can trigger memory corruption via vectors that trigger creation of multiple dictionaries and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


3) Use-after-free error (CVE-ID: CVE-2015-0273)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6. A remote attacker can trigger memory corruption via crafted serialized input containing a (1) R or (2) r type specifier in (a) DateTimeZone data handled by the php_date_timezone_initialize_from_hash function or (b) DateTime data handled by the php_date_initialize_from_hash function and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


4) Use-after-free error (CVE-ID: CVE-2015-2301)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6. A remote attacker can trigger memory corruption via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file and cause the service to crash.


Remediation

Install update from vendor's website.

References