CVE-2016-3074

Synopsis Moderate: rh-php56 security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for rh-php56, rh-php56-php, and rh-php56-php-pear is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Mo ...

The GD library could be made to crash or run programs if it processed a specially crafted image file ...

Debian Bug report logs - #835032 hhvm: Various CVEs (CVE-2014-9709 CVE-2015-8865 CVE-2016-1903 CVE-2016-4070 CVE-2016-4539 CVE-2016-6870 CVE-2016-6871 CVE-2016-6872 CVE-2016-6873 CVE-2016-6874 CVE-2016-6875) Package: src:hhvm; Maintainer for src:hhvm is (unknown); Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: ...

Debian Bug report logs - #822242 libgd2: CVE-2016-3074: Signedness vulnerability causing heap overflow Package: src:libgd2; Maintainer for src:libgd2 is GD Team <team+gd@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 22 Apr 2016 12:36:02 UTC Severity: grave Tags: fixed-upstream, ...

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development The vulnerabilities are addressed by upgrading PHP to the new upstream version 5622, which includes additional bug fixes Please refer to the upstream changelog for more information: phpnet/ChangeLog-5php#562 ...

The following security-related issues were resolved: Buffer over-write in finfo_open with malformed magic file (CVE-2015-8865)Signedness vulnerability causing heap overflow in libgd (CVE-2016-3074)Integer overflow in php_raw_url_encode (CVE-2016-4070)Format string vulnerability in php_snmp_error() (CVE-2016-4071)Invalid memory write in phar on file ...

Integer signedness error in GD Graphics Library 211 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow ...

SecurityCenter is potentially impacted by several vulnerabilities in PHP that were recently disclosed and fixed Note that due to the time involved in doing a full analysis of the issue, Tenable has opted to patch the included version of PHP as a precaution, and to save time instead PHP ext/intl/grapheme/grapheme_stringc zif_grapheme_stripos Neg ...