Webdev PHP vulnerabilitiies March 07, 2022 08:53PM |
Registered: 5 years ago Posts: 192 |
Quote
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x
before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote
LDAP servers to cause a denial of service (NULL pointer dereference
and application crash) because of mishandling of the ldap_get_dn
return value.
Quote
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP
before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before
7.2.1, has an integer signedness error that leads to an infinite loop via a
crafted GIF file, as demonstrated by a call to the imagecreatefromgif
or imagecreatefromstring PHP function. This is related to GetCode_
and gdImageCreateFromGifCtx.
Argus
Re: Webdev PHP vulnerabilitiies March 07, 2022 09:53PM |
Re: Webdev PHP vulnerabilitiies March 08, 2022 10:57AM |
Registered: 5 years ago Posts: 192 |