KLA10515Multiple vulnerabilities in PHP and extensions

2015-03-30T00:00:00
ID KLA10515
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

03/30/2015

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in PHP and extensions. Malicious users can exploit these vulnerabilities to cause denial of service or inject code.

Affected products:

PHP versions 5.6.7 and possibly earlier
PHP extensions calendar and pgsql

Solution:

These vulnerabilities aren’t mitigated by vendor. You can protect yourself with disabling some functionality.

Impacts:

ACE

CVE-IDS:

CVE-2015-23317.5Critical
CVE-2015-02317.5Critical
CVE-2015-23056.8Critical