Created
August 27, 2015 15:11
-
-
Save andrewgross/e125be9312dfe78b036d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Multiple vulnerabilities have been discovered in the PHP language: | |
CVE-2015-4598 | |
thoger at redhat dot com discovered that paths containing a NUL | |
character were improperly handled, thus allowing an attacker to | |
manipulate unexpected files on the server. | |
CVE-2015-4643 | |
Max Spelsberg discovered an integer overflow flaw leading to a | |
heap-based buffer overflow in PHP's FTP extension, when parsing | |
listings in FTP server responses. This could lead to a a crash or | |
execution of arbitrary code. | |
CVE-2015-4644 | |
A denial of service through a crash could be caused by a segfault | |
in the php_pgsql_meta_data function. | |
CVE-2015-5589 | |
kwrnel at hotmail dot com discovered that PHP could crash when | |
processing an invalid phar file, thus leading to a denial of | |
service. | |
CVE-2015-5590 | |
jared at enhancesoft dot com discovered a buffer overflow in the | |
phar_fix_filepath function, that could causes a crash or execution | |
of arbitrary code. | |
Additionally, several other vulnerabilites were fixed: | |
sean dot heelan at gmail dot com discovered a problem in the | |
unserialization of some items, that could lead to arbitrary code | |
execution. | |
stewie at mail dot ru discovered that the phar extension improperly | |
handled zip archives with relative paths, which would allow an | |
attacker to overwrite files outside of the destination directory. | |
taoguangchen at icloud dot com discovered several use-after-free | |
vulnerabilities that could lead to arbitrary code execution. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment