SUSE-SU-2016:0284-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2015-7803 CVE-2016-1903

Published: 29 Jan 2016, 11:33

Last modified:04 Feb 2026, 03:48

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

29 Jan 2016, 11:33

Published

Vulnerability first disclosed

04 Feb 2026, 03:48

Last Modified

Vulnerability information updated

Description

Security update for php5 This update for php5 fixes the following issues: - CVE-2015-7803: Specially crafted .phar files with a crafted TAR archive entry allowed remote attackers to cause a Denial of Service (DoS) [bsc#949961] - CVE-2016-1903: Specially crafted image files could could allow remote attackers read unspecified memory when rotating images [bsc#962057]

Affected Systems

suse•php5&distro=SUSE Linux Enterprise Module for Web and Scripting 12
< 5.5.14-42.2
suse•php5&distro=SUSE Linux Enterprise Software Development Kit 12
< 5.5.14-42.2
suse•php5&distro=SUSE Linux Enterprise Software Development Kit 12 SP1
< 5.5.14-42.2

SUSE-SU-2016:0284-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)