Red Hat Security Advisory: php53 and php security update
🔗 CVE IDs covered (11)
📋 Description
CVE-2012-1571 — file: out of bounds read in CDF parser CVE-2013-6712 — php: heap-based buffer over-read in DateInterval CVE-2014-0237 — file: cdf_unpack_summary_info() excessive looping DoS CVE-2014-0238 — file: CDF property info parsing nelements infinite loop CVE-2014-1943 — file: unrestricted recursion in handling of indirect type rules CVE-2014-2270 — file: out-of-bounds access in search rules with offsets from input file CVE-2014-3479 — file: cdf_check_stream_offset insufficient boundary check CVE-2014-3480 — file: cdf_count_chain insufficient boundary check CVE-2014-3515 — php: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw CVE-2014-4049 — php: heap-based buffer overflow in DNS TXT record parsing CVE-2014-4721 — php: type confusion issue in phpinfo() leading to information leak
🔗 References (14)
- selfhttps://access.redhat.com/errata/RHSA-2014:1012
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=805197
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1035670
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1065836
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1072220
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1098155
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1098193
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1104858
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1104869
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1108447
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1112154
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1116662
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1012.json