[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Re: [CVE Requests] PHP issues
From:       cve-assign () mitre ! org
Date:       2016-04-28 15:57:38
Message-ID: 20160428155738.EBD503AE1B2 () smtpvbsrv1 ! mitre ! org
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> 1. Heap corruption in tar/zip/phar parser
> https://bugs.php.net/bug.php?id=71354

Use CVE-2016-4342.


> 2. Uninitialized pointer in phar_make_dirstream()
> https://bugs.php.net/bug.php?id=71331

Use CVE-2016-4343.


> 3. Multiple Heap Overflow due to integer overflows | xml/filter_url/addcslashes
> https://bugs.php.net/bug.php?id=71637

>> ext/xml/xml.c

Use CVE-2016-4344.


>> ext/filter/sanitizing_filters.c

Use CVE-2016-4345.


>> ext/standard/string.c

Use CVE-2016-4346.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXIjJmAAoJEHb/MwWLVhi2TDUQAJYgRTY/sXSPOhCSGULqnbSv
/LTTtL494AMrbdwVwuAEEE2gQnQh1ceEyT6T7CCOZMIwid7c8eDjFTrglCSuN75s
731+HOkd4e5UV7/Ms/rUUHarAz8iaroYqcJfFjFRZqbGrIA6K40Z9BOkvjbEQeDU
f4tXQZqtiK7zvQWPbootRZ4+97U6BwuxBRs39nJTkKwcuGF6c25rORoJoof5wypV
HFfUiwbPPlxHroNlZKb9MrhUUriT1PAo+HrOEthPX5H5RLBVzuB8wNdaz/XztUWB
88Ia2upuBIIYDiygUrhL3ZiT5ot13qxBES8gF9VrLtPKLTDudg24B9/sUu/+AdFS
c28Z1dU9Khh4wO+e44c+BWU2yX/92RLxf2aQHuu51UKGtvJQSOGtPL/jVVwYkqS7
9Nk5DRq4SHU6xMi2u3o9huY3A3jiVQ10SsVE+ogq7xpmTWTtRotcv2QXk0eTX0gN
Q/KmOG44Tn/eszUz8qo3cuspVqmpNygvZJZg2ezuiZhEiFf5en88S4f6FUWCEA/Y
utxuKZRyPXIx3O+SBFEuytPDXhDlNyknpJIfOOR5DRf/fno9Jd8zRr43xRYa7K34
pVtF417ZDQbO/Qfu9kjpXV2t34uM8HPSk8RQopj8Pda/FDJjPUSVB6slA4Ug+V9I
v6LoUj4kgrDaip73ispF
=o+rt
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]