Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2016:2080-1)
Summary:The remote host is missing an update for the 'php5' package(s) announced via the SUSE-SU-2016:2080-1 advisory.
The remote host is missing an update for the 'php5' package(s) announced via the SUSE-SU-2016:2080-1 advisory.

Vulnerability Insight:
php5 was updated to fix the following security issues:
- CVE-2016-6297: Stack-based buffer overflow vulnerability in
php_stream_zip_opener (bsc#991426).
- CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE
- CVE-2016-6289: Integer overflow leads to buffer overflow in
virtual_file_ex (bsc#991428).
- CVE-2016-6290: Use after free in unserialize() with Unexpected Session
Deserialization (bsc#991429).
- CVE-2016-5399: Improper error handling in bzread() (bsc#991430).
- CVE-2016-6288: Buffer over-read in php_url_parse_ex (bsc#991433).
- CVE-2016-6296: Heap buffer overflow vulnerability in simplestring_addn
in simplestring.c (bsc#991437).
- CVE-2016-5769: Mcrypt: Heap Overflow due to integer overflows
- CVE-2015-8935: XSS in header() with Internet Explorer (bsc#986004).
- CVE-2016-5772: Double free corruption in wddx_deserialize (bsc#986244).
- CVE-2016-5766: Integer Overflow in _gd2GetHeader() resulting in heap
overflow (bsc#986386).
- CVE-2016-5767: Integer Overflow in gdImagePaletteToTrueColor() resulting
in heap overflow (bsc#986393).

Affected Software/OS:
'php5' package(s) on SUSE Linux Enterprise Server 11-SP2, SUSE Linux Enterprise Debuginfo 11-SP2

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-8935
RedHat Security Advisories: RHSA-2016:2750
SuSE Security Announcement: SUSE-SU-2016:2013 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1761 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1922 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2016-5399
BugTraq ID: 92051
Bugtraq: 20160721 CVE-2016-5399: php: out-of-bounds write in bzread() (Google Search)
Debian Security Information: DSA-3631 (Google Search)
RedHat Security Advisories: RHSA-2016:2598
Common Vulnerability Exposure (CVE) ID: CVE-2016-5766
Debian Security Information: DSA-3619 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2016-5767
BugTraq ID: 91395
Common Vulnerability Exposure (CVE) ID: CVE-2016-5769
BugTraq ID: 91399
Debian Security Information: DSA-3618 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2016-5772
BugTraq ID: 91398
Common Vulnerability Exposure (CVE) ID: CVE-2016-6288
BugTraq ID: 92111
Common Vulnerability Exposure (CVE) ID: CVE-2016-6289
BugTraq ID: 92074
Common Vulnerability Exposure (CVE) ID: CVE-2016-6290
BugTraq ID: 92097
Common Vulnerability Exposure (CVE) ID: CVE-2016-6291
BugTraq ID: 92073
Common Vulnerability Exposure (CVE) ID: CVE-2016-6296
BugTraq ID: 92095
Common Vulnerability Exposure (CVE) ID: CVE-2016-6297
BugTraq ID: 92099
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.