SB2017022702 - SUSE Linux update for php53 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017022702

SB2017022702 - SUSE Linux update for php53

Published: February 27, 2017

Security Bulletin ID SB2017022702
Severity
High
Patch available
YES
Number of vulnerabilities 8
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 38% Low 63%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 8 secuirty vulnerabilities.


1) Incorrect calculation (CVE-ID: CVE-2016-10158)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the exif_convert_any_to_int function in ext/exif/exif.c due to numeric errors. A remote attacker can submit specially crafted EXIF data that triggers an attempt to divide the minimum representable negative integer by -1 and cause the service to crash.

2) Integer overflow (CVE-ID: CVE-2016-10159)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the phar_parse_pharfile function in ext/phar/phar.c due to integer overflow. A remote attacker can submit a truncated manifest entry in a PHAR archive and cause the service to crash.

3) Off-by-one error (CVE-ID: CVE-2016-10160)

The vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.

The weakness exists in the phar_parse_pharfile function in ext/phar/phar.c due to off-by-one error. A remote attacker can submit a specially crafted PHAR archive with an alias mismatch and cause the service to crash or execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

4) Buffer over-read (CVE-ID: CVE-2016-10161)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the object_common1 function in ext/standard/var_unserializer.c due to buffer over-read. A remote attacker can submit specially crafted serialized data that is mishandled in a finish_nested_data call and cause the service to crash.

5) Integer underflow (CVE-ID: CVE-2016-10166)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack and potentially compromise vulnerable system.

The vulnerability exists due to integer underflow when decrementing the "u" variable in _gdContributionsAlloc() function in gd_interpolation.c. A remote attacker create a specially crafted image file, trigger memory corruption and crash the affected application or execute arbitrary code on the target system.

6) Improper input validation (CVE-ID: CVE-2016-10167)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation when processing images in gdImageCreateFromGd2Ctx() function in gd_gd2.c. A remote attacker can supply a malformed image and crash the application, using the affected library.

7) Integer overflow (CVE-ID: CVE-2016-10168)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack and potentially compromise vulnerable system.

The vulnerability exists due to integer overflow when processing the number of horizontal and vertical chunks in an image in gd_io.c. A remote attacker create a specially crafted image file, trigger memory corruption and crash the affected application or execute arbitrary code on the target system.

8) Infinite loop (CVE-ID: CVE-2016-7478)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to infinite loop in zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13. A remote attacker can trigger infinite loop and cause the service to crash via a crafted Exception object in serialized data.


Remediation

Install update from vendor's website.

References