SUSE-SU-2018:2681-1
Advisory lineage Upstream: 3 Downstream: 0
Published: 10 Sept 2018, 13:51
Last modified:04 Feb 2026, 03:05
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
10 Sept 2018, 13:51
Published
Vulnerability first disclosed
04 Feb 2026, 03:05
Last Modified
Vulnerability information updated
Description
Security update for php53 This update for php53 fixes the following issues: The following security issues were fixed: - CVE-2018-14851: Fixed an out-of-bound read in exif_process_IFD_in_MAKERNOTE, which could be exploited by an attacker via crafted JPG files, and could result in an application crash. (bsc#1103659) - CVE-2018-14883: Fixed an integer overflow leading to a heap based buffer over-read in exif_thumbnail_extract of exif.c. (bsc#1103836) - CVE-2017-9118: Fixed an out of bounds access in php_pcre_replace_impl via a crafted preg_replace call (bsc#1105466)
Affected Systems
- suse•php53&distro=SUSE Linux Enterprise Server 11 SP4
< 5.3.17-112.38.1
- suse•php53&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4
< 5.3.17-112.38.1
- suse•php53&distro=SUSE Linux Enterprise Software Development Kit 11 SP4
< 5.3.17-112.38.1
References (7)
- https://www.suse.com/support/update/announcement/2018/suse-su-20182681-1/
- https://bugzilla.suse.com/1103659
- https://bugzilla.suse.com/1103836
- https://bugzilla.suse.com/1105466
- https://www.suse.com/security/cve/CVE-2017-9118
- https://www.suse.com/security/cve/CVE-2018-14851
- https://www.suse.com/security/cve/CVE-2018-14883