Remicollet

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 6.9.8-8 ImageMagick versions 7.x prior to 7.0.5-9 **Description** The issue arises from improper validation of the channel geometry in the ReadJP2Image function, located in coders/jp2.c, leading to a crash. **Recommendations** For ImageMagick versions prior to 6.9.8-8, update to version 6.9.8-8 or later. For ImageMagick versions 7.x prior to 7.0.5-9, update to version 7.0.5-9 or later.

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.4.32 PHP versions 5.5.x prior to 5.5.16 **Description** The issue is related to multiple buffer overflows in the `php parserr` function, which can be exploited by remote DNS servers using crafted DNS records. This can lead to a denial of service (application crash) or possibly the execution of arbitrary code. The `dns get record` and `dn expand` functions are involved in this issue. **Recommendations** For PHP versions prior to 5.4.32, update to version 5.4.32 or later. For PHP versions 5.5.x prior to 5.5.16, update to version 5.5.16 or later. As a temporary workaround, consider restricting access to the `dns get record` and `dn expand` functions until a patch is available.