9.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.59 Medium
EPSS
Percentile
97.5%
Description
The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors.
Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4.x before 5.4.3 allows remote attackers to cause a denial of service (application crash) via a long string in the header of an HTTP request.
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.
The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.
The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification.
Format string vulnerability in stream.c in the phar extension in PHP 5.3.x through 5.3.3 allows context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the phar_stream_flush function, leading to errors in the php_stream_wrapper_log_error function. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2094.
Impact
None. No F5 products are affected by these vulnerabilities.
Status
To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:
Product | Versions known to be vulnerable | Versions known to be not vulnerable | Vulnerable component or feature |
---|---|---|---|
BIG-IP LTM | None | ||
11.0.0 - 11.6.0 | |||
10.0.0 - 10.2.4 | |||
None | |||
BIG-IP AAM | None | 11.4.0 - 11.6.0 | |
None | |||
BIG-IP AFM | None | 11.3.0 - 11.6.0 | |
None | |||
BIG-IP Analytics | None | 11.0.0 - 11.6.0 | |
None | |||
BIG-IP APM | None | 11.0.0 - 11.6.0 | |
10.1.0 - 10.2.4 | |||
None | |||
BIG-IP ASM | None | 11.0.0 - 11.6.0 | |
10.0.0 - 10.2.4 | |||
None | |||
BIG-IP Edge Gateway | |||
None | 11.0.0 - 11.3.0 | ||
10.1.0 - 10.2.4 | |||
None | |||
BIG-IP GTM | None | 11.0.0 - 11.6.0 | |
10.0.0 - 10.2.4 | |||
None | |||
BIG-IP Link Controller | None | ||
11.0.0 - 11.6.0 | |||
10.0.0 - 10.2.4 | |||
None | |||
BIG-IP PEM | None | ||
11.3.0 - 11.6.0 | |||
None | |||
BIG-IP PSM | None | 11.0.0 - 11.4.1 | |
10.0.0 - 10.2.4 | |||
None | |||
BIG-IP WebAccelerator | None | 11.0.0 - 11.3.0 | |
10.0.0 - 10.2.4 | |||
None | |||
BIG-IP WOM | None | 11.0.0 - 11.3.0 | |
10.0.0 - 10.2.4 | |||
None | |||
ARX | None | 6.0.0 - 6.4.0 | |
None | |||
Enterprise Manager | None | 3.0.0 - 3.1.1 | |
2.1.0 - 2.3.0 | |||
None | |||
FirePass | None | 7.0.0 | |
6.0.0 - 6.1.0 | |||
None | |||
BIG-IQ Cloud | None | ||
4.0.0 - 4.4.0 | |||
None | |||
BIG-IQ Device | None | ||
4.2.0 - 4.4.0 | |||
None | |||
BIG-IQ Security | None | ||
4.0.0 - 4.4.0 | |||
None | |||
LineRate | None | 2.2.0 - 2.5.0 | |
1.6.0 - 1.6.4 | None | ||
WebSafe | None | 1.0.0 | None |
Recommended action
None
Supplemental Information