Lucene search

K
nessusTenable5824.PRM
HistoryMar 18, 2011 - 12:00 a.m.

PHP 5.3.x < 5.3.6 Multiple Vulnerabilities

2011-03-1800:00:00
Tenable
www.tenable.com
15

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.082

Percentile

94.4%

Versions of PHP 5.3 earlier than 5.3.6 are potentially affected by multiple vulnerabilities :

  • An error exists in the function ‘_zip_name_locate()’ in the file ‘ext/zip/lib/zip_name_locate.c’ which allows a NULL pointer to be dereferenced when processing an empty archive. (CVE-2011-0421)
  • A variable casting error exists in the Exif extension’s C function ‘exif_process_IFD_TAG()’ in the file ‘ext/exif/exif.c’ could allow arbitrary code execution. (CVE-2011-0708)
  • An integer overflow vulnerability exists in the implementation of the PHP function ‘shmop_read’ in the file ‘ext/shmop/shmop.c’. (CVE-2011-1092)
  • An error exists in the file ‘phar/phar_object.c’ n which calls to ‘zend_throw_exception_ex()’ pass data as a string format parameter which could lead to information disclosure or memory corruption when handling PHP archives. (CVE-2011-1153)
  • A buffer overflow error exists in the C function ‘xbuf_format_converter’ in the file ‘main/snprintf.c’ when the PHP configuration setting for ‘precision’ is set to a large value. (Bug 54055)
  • An unspecified error exists in the security enforcement regarding the parsing of the fastcgi protocol with the ‘FastCGI Process Manager’ (FPM) SAPI.
Binary data 5824.prm
VendorProductVersionCPE
phpphpcpe:/a:php:php

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.082

Percentile

94.4%