SB2017011902 - Arch Linux update for php
Published: January 19, 2017
Security Bulletin ID
SB2017011902
Severity
High
Patch available
YES
Number of vulnerabilities
3
Exploitation vector
Remote access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2016-9935)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists in the php_wddx_push_element function in ext/wddx/wddx.c due to out-of-bounds read. A remote attacker can submit an empty boolean element in a wddxPacket XML document and cause the service to crash.
2) Use-after-free error (CVE-ID: CVE-2016-9936)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the unserialize implementation in ext/standard/var.c due to use-after-free error. A remote attacker can submit crafted serialized data and cause the service to crash.
3) Integer overflow (CVE-ID: CVE-2017-5340)
The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.The weakness exists in zend/zend_hash.c due to mishandling certain cases that require large array allocations. A remote attacker can submit specially crafted serialized data and cause the service to crash or execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
Remediation
Install update from vendor's website.