ALAS-2017-812

Description

Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. (CVE-2016-10168 )In all versions of PHP 7, during the unserialization process, resizing the 'properties'; hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution. (CVE-2016-7479 )The object_common1 function in ext/standard/var_unserializer.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (buffer over-read and application crash) via crafted serialized data that is mishandled in a finish_nested_data call. (CVE-2016-10161 )Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch. (CVE-2016-10160 )The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call. (CVE-2016-10162 )It was found that the exif_convert_any_to_int() function in PHP was vulnerable to floating point exceptions when parsing tags in image files. A remote attacker with the ability to upload a malicious image could crash PHP, causing a Denial of Service. (CVE-2016-10158 )Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive. (CVE-2016-10159 )The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file. (CVE-2016-10167 )Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data.(CVE-2017-5340 )

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Package Patched in
php70 php70-7.0.16-1.21.amzn1.i686
php70 php70-7.0.16-1.21.amzn1.src
php70 php70-7.0.16-1.21.amzn1.x86_64
php70-bcmath php70-bcmath-7.0.16-1.21.amzn1.i686
php70-bcmath php70-bcmath-7.0.16-1.21.amzn1.x86_64
php70-cli php70-cli-7.0.16-1.21.amzn1.i686
php70-cli php70-cli-7.0.16-1.21.amzn1.x86_64
php70-common php70-common-7.0.16-1.21.amzn1.i686
php70-common php70-common-7.0.16-1.21.amzn1.x86_64
php70-dba php70-dba-7.0.16-1.21.amzn1.i686
php70-dba php70-dba-7.0.16-1.21.amzn1.x86_64
php70-dbg php70-dbg-7.0.16-1.21.amzn1.x86_64
php70-dbg php70-dbg-7.0.16-1.21.amzn1.i686
php70-debuginfo php70-debuginfo-7.0.16-1.21.amzn1.i686
php70-debuginfo php70-debuginfo-7.0.16-1.21.amzn1.x86_64
php70-devel php70-devel-7.0.16-1.21.amzn1.i686
php70-devel php70-devel-7.0.16-1.21.amzn1.x86_64
php70-embedded php70-embedded-7.0.16-1.21.amzn1.i686
php70-embedded php70-embedded-7.0.16-1.21.amzn1.x86_64
php70-enchant php70-enchant-7.0.16-1.21.amzn1.i686
php70-enchant php70-enchant-7.0.16-1.21.amzn1.x86_64
php70-fpm php70-fpm-7.0.16-1.21.amzn1.x86_64
php70-fpm php70-fpm-7.0.16-1.21.amzn1.i686
php70-gd php70-gd-7.0.16-1.21.amzn1.x86_64
php70-gd php70-gd-7.0.16-1.21.amzn1.i686
php70-gmp php70-gmp-7.0.16-1.21.amzn1.i686
php70-gmp php70-gmp-7.0.16-1.21.amzn1.x86_64
php70-imap php70-imap-7.0.16-1.21.amzn1.i686
php70-imap php70-imap-7.0.16-1.21.amzn1.x86_64
php70-intl php70-intl-7.0.16-1.21.amzn1.x86_64
php70-intl php70-intl-7.0.16-1.21.amzn1.i686
php70-json php70-json-7.0.16-1.21.amzn1.x86_64
php70-json php70-json-7.0.16-1.21.amzn1.i686
php70-ldap php70-ldap-7.0.16-1.21.amzn1.i686
php70-ldap php70-ldap-7.0.16-1.21.amzn1.x86_64
php70-mbstring php70-mbstring-7.0.16-1.21.amzn1.i686
php70-mbstring php70-mbstring-7.0.16-1.21.amzn1.x86_64
php70-mcrypt php70-mcrypt-7.0.16-1.21.amzn1.i686
php70-mcrypt php70-mcrypt-7.0.16-1.21.amzn1.x86_64
php70-mysqlnd php70-mysqlnd-7.0.16-1.21.amzn1.x86_64
php70-mysqlnd php70-mysqlnd-7.0.16-1.21.amzn1.i686
php70-odbc php70-odbc-7.0.16-1.21.amzn1.x86_64
php70-odbc php70-odbc-7.0.16-1.21.amzn1.i686
php70-opcache php70-opcache-7.0.16-1.21.amzn1.x86_64
php70-opcache php70-opcache-7.0.16-1.21.amzn1.i686
php70-pdo php70-pdo-7.0.16-1.21.amzn1.i686
php70-pdo php70-pdo-7.0.16-1.21.amzn1.x86_64
php70-pdo-dblib php70-pdo-dblib-7.0.16-1.21.amzn1.i686
php70-pdo-dblib php70-pdo-dblib-7.0.16-1.21.amzn1.x86_64
php70-pgsql php70-pgsql-7.0.16-1.21.amzn1.i686
php70-pgsql php70-pgsql-7.0.16-1.21.amzn1.x86_64
php70-process php70-process-7.0.16-1.21.amzn1.i686
php70-process php70-process-7.0.16-1.21.amzn1.x86_64
php70-pspell php70-pspell-7.0.16-1.21.amzn1.i686
php70-pspell php70-pspell-7.0.16-1.21.amzn1.x86_64
php70-recode php70-recode-7.0.16-1.21.amzn1.i686
php70-recode php70-recode-7.0.16-1.21.amzn1.x86_64
php70-snmp php70-snmp-7.0.16-1.21.amzn1.x86_64
php70-snmp php70-snmp-7.0.16-1.21.amzn1.i686
php70-soap php70-soap-7.0.16-1.21.amzn1.x86_64
php70-soap php70-soap-7.0.16-1.21.amzn1.i686
php70-tidy php70-tidy-7.0.16-1.21.amzn1.x86_64
php70-tidy php70-tidy-7.0.16-1.21.amzn1.i686
php70-xml php70-xml-7.0.16-1.21.amzn1.x86_64
php70-xml php70-xml-7.0.16-1.21.amzn1.i686
php70-xmlrpc php70-xmlrpc-7.0.16-1.21.amzn1.i686
php70-xmlrpc php70-xmlrpc-7.0.16-1.21.amzn1.x86_64
php70-zip php70-zip-7.0.16-1.21.amzn1.x86_64
php70-zip php70-zip-7.0.16-1.21.amzn1.i686