CVE-2016-8876
Published 2016-10-31
CVE-2016-8876: Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute…
High, 7.5 (CVSS 3.0)
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader."
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| foxitsoftware | phantompdf | <= 8.0.5 | — |
| foxitsoftware | reader | <= 8.0.5 | — |
GHSA
GHSA-p4hj-x8wm-pqjj: Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8
ghsa_unreviewed·2022-05-17
CVE-2016-8876 [HIGH] CWE-125 GHSA-p4hj-x8wm-pqjj: Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8
Red Hat
php: Unserialize Exception object can lead to infinite loop
vendor_redhat·2016-09-15·CVSS 9.8
CVE-2016-7478 [CRITICAL] php: Unserialize Exception object can lead to infinite loop
Zend/zend_exceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876.
Package: php (Red Hat Enterprise Linux 5) - Will not fix
Package: php53 (Red Hat Enterprise Linux 5) - Will not fix
Package: php (Red Hat Enterprise Linux 6) - Will not fix
Package: php (Red Hat Enterprise Linux 7) - Will not fix
Package: php (Red Hat OpenShift Enterprise 2) - Will not fix
Package: rh-php56-php (Red Hat Software Collections) - Will not fix
Package: rh-php70-php (Red Hat Software Collections) - Will not fix
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.