According to its banner the version of PHP installed on the remote host is earlier than 5.3.3 / 5.2.14. Such version are potentially affected by multiple vulnerabilities :
An information disclosure vulnerability in var_export() when a fatal error occurs.
A resource destruction issue in shm_put_var().
A possible information leak because of an interruption of XOR operator.
A memory corruption issue caused by an unexpected call-time pass by reference and the following memory clobbering through callbacks.
A memory corruption issue in ArrayObject::uasort().
A memory corruption issue in parse_str().
A memory corruption issue in pack().
A memory corruption issue in substr_replace().
A memory corruption issue in addcslashes().
A stack exhaustion issue in fnmatch().
A buffer overflow vulnerability in the dechunking filter.
An arbitrary memory access issue in the sqlite extension.
A string format validation issue in the phar extension.
An unspecified issue relating to the handling of session variable serialization on certain prefix characters.
A NULL pointer dereference issue when processing invalid XML-RPC requests.
An unserialization issue in SplObjectStorage.
Buffer overflow vulnerabilities in mysqlnd_list_fields and mysqlnd_change_user.
Buffer overflows when handling error packets in mysqlnd.
Binary data 801070.prm
.php.net/ChangeLog-5.php#5.2.14
.php.net/ChangeLog-5.php#5.3.3
.php.net/releases/5_2_14.php
.php.net/releases/5_3_3.php
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1860
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1862
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2097
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2100
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2101
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2190
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2191
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2484
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2531