Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2015-2331
Description:Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.
Test IDs: 1.3.6.1.4.1.25623.1.0.869274   1.3.6.1.4.1.25623.1.0.703198   1.3.6.1.4.1.25623.1.0.869509   1.3.6.1.4.1.25623.1.0.869549   1.3.6.1.4.1.25623.1.0.869184   1.3.6.1.4.1.25623.1.0.869272   1.3.6.1.4.1.25623.1.0.869180   1.3.6.1.4.1.25623.1.1.4.2015.0668.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-2331
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
Debian Security Information: DSA-3198 (Google Search)
http://www.debian.org/security/2015/dsa-3198
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154666.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155299.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153983.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154266.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154276.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155622.html
HPdes Security Advisory: HPSBMU03380
http://marc.info/?l=bugtraq&m=143748090628601&w=2
HPdes Security Advisory: HPSBMU03409
http://marc.info/?l=bugtraq&m=144050155601375&w=2
HPdes Security Advisory: HPSBUX03337
http://marc.info/?l=bugtraq&m=143403519711434&w=2
HPdes Security Advisory: SSRT102066
http://marc.info/?l=bugtraq&m=143403519711434&w=2
http://www.mandriva.com/security/advisories?name=MDVSA-2015:079
http://www.securitytracker.com/id/1031985
SuSE Security Announcement: openSUSE-SU-2015:0615 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-03/msg00083.html
SuSE Security Announcement: openSUSE-SU-2015:0644 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html




© 1998-2024 E-Soft Inc. All rights reserved.