VYPR

rpm package

suse/imap&distro=SUSE Linux Enterprise Software Development Kit 12 SP1

pkg:rpm/suse/imap&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1

Vulnerabilities (10)

  • CVE-2016-9137CriJan 4, 2017
    affected < 2007e_suse-22.1fixed 2007e_suse-22.1

    Use-after-free vulnerability in the CURLFile implementation in ext/curl/curl_file.c in PHP before 5.6.27 and 7.x before 7.0.12 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that is mishandled during __wa

  • CVE-2016-5773CriAug 7, 2016
    affected < 2007e_suse-22.1fixed 2007e_suse-22.1

    php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and

  • CVE-2016-5096HigAug 7, 2016
    affected < 2007e_suse-19.1fixed 2007e_suse-19.1

    Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument.

  • CVE-2016-5095HigAug 7, 2016
    affected < 2007e_suse-19.1fixed 2007e_suse-19.1

    Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITI

  • CVE-2016-5094HigAug 7, 2016
    affected < 2007e_suse-19.1fixed 2007e_suse-19.1

    Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars func

  • CVE-2016-5093HigAug 7, 2016
    affected < 2007e_suse-19.1fixed 2007e_suse-19.1

    The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly ha

  • CVE-2013-7456HigAug 7, 2016
    affected < 2007e_suse-19.1fixed 2007e_suse-19.1

    gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image

  • CVE-2015-8879HigMay 22, 2016
    affected < 2007e_suse-19.1fixed 2007e_suse-19.1

    The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array func

  • CVE-2015-8877HigMay 22, 2016
    affected < 2007e_suse-19.1fixed 2007e_suse-19.1

    The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted

  • CVE-2015-8876CriMay 22, 2016
    affected < 2007e_suse-19.1fixed 2007e_suse-19.1

    Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method executio