|
Lines 57-62
Link Here
|
| 57 |
|
57 |
|
| 58 |
--> |
58 |
--> |
| 59 |
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> |
59 |
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> |
|
|
60 |
<vuln vid="db119391-d59f-11e4-991c-002590263bf5"> |
| 61 |
<topic>php5 -- multiple vulnerabilities</topic> |
| 62 |
<affects> |
| 63 |
<package> |
| 64 |
<name>php5</name> |
| 65 |
<range><lt>5.4.39</lt></range> |
| 66 |
</package> |
| 67 |
<package> |
| 68 |
<name>php55</name> |
| 69 |
<range><lt>5.5.23</lt></range> |
| 70 |
</package> |
| 71 |
<package> |
| 72 |
<name>php56</name> |
| 73 |
<range><lt>5.6.7</lt></range> |
| 74 |
</package> |
| 75 |
</affects> |
| 76 |
<description> |
| 77 |
<body xmlns="http://www.w3.org/1999/xhtml"> |
| 78 |
<p>The PHP Project reports:</p> |
| 79 |
<blockquote cite="http://www.php.net/ChangeLog-5.php"> |
| 80 |
<p>Use After Free Vulnerability in unserialize().</p> |
| 81 |
<p>Heap overflow vulnerability in regcomp.c.</p> |
| 82 |
<p>ZIP Integer Overflow leads to writing past heap boundary.</p> |
| 83 |
</blockquote> |
| 84 |
</body> |
| 85 |
</description> |
| 86 |
<references> |
| 87 |
<cvename>CVE-2015-0231</cvename> |
| 88 |
<cvename>CVE-2015-2305</cvename> |
| 89 |
<cvename>CVE-2015-2331</cvename> |
| 90 |
<url>http://php.net/ChangeLog-5.php#5.4.39</url> |
| 91 |
<url>http://php.net/ChangeLog-5.php#5.5.23</url> |
| 92 |
<url>http://php.net/ChangeLog-5.php#5.6.7</url> |
| 93 |
</references> |
| 94 |
<dates> |
| 95 |
<discovery>2015-03-19</discovery> |
| 96 |
<entry>2015-03-28</entry> |
| 97 |
</dates> |
| 98 |
</vuln> |
| 99 |
|
| 60 |
<vuln vid="264749ae-d565-11e4-b545-00269ee29e57"> |
100 |
<vuln vid="264749ae-d565-11e4-b545-00269ee29e57"> |
| 61 |
<topic>libzip -- integer overflow</topic> |
101 |
<topic>libzip -- integer overflow</topic> |
| 62 |
<affects> |
102 |
<affects> |