Lucene search

K

DebianDEBIAN:15E18346F4EC1799981CDE552EAD4BA6:72349

HistoryJun 27, 2014 - 11:30 a.m.

php5 security update

2014-06-2711:30:03

lists.debian.org

14

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.951 High

EPSS

Percentile

99.1%

Package : php5
Version : 5.3.3-7+squeeze20
CVE ID : CVE-2014-4049

It was discovered that PHP, a general-purpose scripting
language commonly used for web application development, is
vulnerable to a heap-based buffer overflow in the DNS TXT
record parsing. A malicious server or man-in-the-middle
attacker could possibly use this flaw to execute arbitrary
code as the PHP interpreter if a PHP application uses
dns_get_record() to perform a DNS query.

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.951 High

EPSS

Percentile

99.1%

Related for DEBIAN:15E18346F4EC1799981CDE552EAD4BA6:72349

osv4 debian8 openvas41 nessus37 checkpoint_advisories1 prion2 veracode4 cve2 ubuntucve2 suse5 ubuntu2 ibm5 securityvulns5 mageia3 f54 oraclelinux5 amazon3 freebsd1 slackware1 redhat4 centos2 gentoo1 rosalinux1