openSUSE Security Update : php5 (openSUSE-2016-703)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for php5 fixes the following issues :

- CVE-2013-7456: imagescale out-of-bounds read
(bnc#982009).

- CVE-2016-5093: get_icu_value_internal out-of-bounds read
(bnc#982010).

- CVE-2016-5094: Don't create strings with lengths outside
int range (bnc#982011).

- CVE-2016-5095: Don't create strings with lengths outside
int range (bnc#982012).

- CVE-2016-5096: int/size_t confusion in fread
(bsc#982013).

- CVE-2016-5114: fpm_log.c memory leak and buffer overflow
(bnc#982162).

- CVE-2015-8877: The gdImageScaleTwoPass function in
gd_interpolation.c in the GD Graphics Library (aka
libgd), as used in PHP, used inconsistent allocate and
free approaches, which allowed remote attackers to cause
a denial of service (memory consumption) via a crafted
call, as demonstrated by a call to the PHP imagescale
function (bsc#981061).

- CVE-2015-8876: Zend/zend_exceptions.c in PHP did not
validate certain Exception objects, which allowed remote
attackers to cause a denial of service (NULL pointer
dereference and application crash) or trigger unintended
method execution via crafted serialized data
(bsc#981049).

- CVE-2015-8879: The odbc_bindcols function in
ext/odbc/php_odbc.c in PHP mishandled driver behavior
for SQL_WVARCHAR columns, which allowed remote attackers
to cause a denial of service (application crash) in
opportunistic circumstances by leveraging use of the
odbc_fetch_array function to access a certain type of
Microsoft SQL Server table (bsc#981050).

- CVE-2015-4116: Use-after-free vulnerability in the
spl_ptr_heap_insert function in ext/spl/spl_heap.c in
PHP allowed remote attackers to execute arbitrary code
by triggering a failed SplMinHeap::compare operation
(bsc#980366).

- CVE-2015-8874: Stack consumption vulnerability in GD in
PHP allowed remote attackers to cause a denial of
service via a crafted imagefilltoborder call
(bsc#980375).

- CVE-2015-8873: Stack consumption vulnerability in
Zend/zend_exceptions.c in PHP allowed remote attackers
to cause a denial of service (segmentation fault) via
recursive method calls (bsc#980373).

- CVE-2016-3074: Integer signedness error in GD Graphics
Library (aka libgd or libgd2) allowed remote attackers
to cause a denial of service (crash) or potentially
execute arbitrary code via crafted compressed gd2 data,
which triggers a heap-based buffer overflow
(bsc#976775).

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=976775
https://bugzilla.opensuse.org/show_bug.cgi?id=980366
https://bugzilla.opensuse.org/show_bug.cgi?id=980373
https://bugzilla.opensuse.org/show_bug.cgi?id=980375
https://bugzilla.opensuse.org/show_bug.cgi?id=981049
https://bugzilla.opensuse.org/show_bug.cgi?id=981050
https://bugzilla.opensuse.org/show_bug.cgi?id=981061
https://bugzilla.opensuse.org/show_bug.cgi?id=982009
https://bugzilla.opensuse.org/show_bug.cgi?id=982010
https://bugzilla.opensuse.org/show_bug.cgi?id=982011
https://bugzilla.opensuse.org/show_bug.cgi?id=982012
https://bugzilla.opensuse.org/show_bug.cgi?id=982013
https://bugzilla.opensuse.org/show_bug.cgi?id=982162

Solution :

Update the affected php5 packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
