oss-sec mailing list archives
Re: [CVE Requests] PHP issues
From: cve-assign () mitre org
Date: Thu, 28 Apr 2016 11:57:38 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
1. Heap corruption in tar/zip/phar parser https://bugs.php.net/bug.php?id=71354
Use CVE-2016-4342.
2. Uninitialized pointer in phar_make_dirstream() https://bugs.php.net/bug.php?id=71331
Use CVE-2016-4343.
3. Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes https://bugs.php.net/bug.php?id=71637
ext/xml/xml.c
Use CVE-2016-4344.
ext/filter/sanitizing_filters.c
Use CVE-2016-4345.
ext/standard/string.c
Use CVE-2016-4346. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXIjJmAAoJEHb/MwWLVhi2TDUQAJYgRTY/sXSPOhCSGULqnbSv /LTTtL494AMrbdwVwuAEEE2gQnQh1ceEyT6T7CCOZMIwid7c8eDjFTrglCSuN75s 731+HOkd4e5UV7/Ms/rUUHarAz8iaroYqcJfFjFRZqbGrIA6K40Z9BOkvjbEQeDU f4tXQZqtiK7zvQWPbootRZ4+97U6BwuxBRs39nJTkKwcuGF6c25rORoJoof5wypV HFfUiwbPPlxHroNlZKb9MrhUUriT1PAo+HrOEthPX5H5RLBVzuB8wNdaz/XztUWB 88Ia2upuBIIYDiygUrhL3ZiT5ot13qxBES8gF9VrLtPKLTDudg24B9/sUu/+AdFS c28Z1dU9Khh4wO+e44c+BWU2yX/92RLxf2aQHuu51UKGtvJQSOGtPL/jVVwYkqS7 9Nk5DRq4SHU6xMi2u3o9huY3A3jiVQ10SsVE+ogq7xpmTWTtRotcv2QXk0eTX0gN Q/KmOG44Tn/eszUz8qo3cuspVqmpNygvZJZg2ezuiZhEiFf5en88S4f6FUWCEA/Y utxuKZRyPXIx3O+SBFEuytPDXhDlNyknpJIfOOR5DRf/fno9Jd8zRr43xRYa7K34 pVtF417ZDQbO/Qfu9kjpXV2t34uM8HPSk8RQopj8Pda/FDJjPUSVB6slA4Ug+V9I v6LoUj4kgrDaip73ispF =o+rt -----END PGP SIGNATURE-----
Current thread:
- [CVE Requests] PHP issues Luật Nguyễn (Apr 28)
- Re: [CVE Requests] PHP issues cve-assign (Apr 28)