10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.317 Low
EPSS
Percentile
96.9%
The PHP development team reports:
Added missing safe_mode/open_basedir checks inside the
error_log(), file_exists(), imap_open() and imap_reopen()
functions.
Fixed overflows inside str_repeat() and wordwrap()
functions on 64bit systems.
Fixed possible open_basedir/safe_mode bypass in cURL
extension and with realpath cache.
Fixed overflow in GD extension on invalid GIF
images.
Fixed a buffer overflow inside sscanf() function.
Fixed an out of bounds read inside stripos()
function.
Fixed memory_limit restriction on 64 bit system.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | php4 | < 4.4.4 | UNKNOWN |
FreeBSD | any | noarch | php5 | < 4.4.4 | UNKNOWN |
FreeBSD | any | noarch | php4-cli | < 4.4.4 | UNKNOWN |
FreeBSD | any | noarch | php5-cli | < 4.4.4 | UNKNOWN |
FreeBSD | any | noarch | php4-cgi | < 4.4.4 | UNKNOWN |
FreeBSD | any | noarch | php5-cgi | < 4.4.4 | UNKNOWN |
FreeBSD | any | noarch | php4-dtc | < 4.4.4 | UNKNOWN |
FreeBSD | any | noarch | php5-dtc | < 4.4.4 | UNKNOWN |
FreeBSD | any | noarch | php4-horde | < 4.4.4 | UNKNOWN |
FreeBSD | any | noarch | php5-horde | < 4.4.4 | UNKNOWN |