7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:C/A:N
0.22 Low
EPSS
Percentile
95.8%
Several remote vulnerabilities have been discovered in PHP, a
server-side, HTML-embedded scripting language, which may lead to the
execution of arbitrary code. The Common Vulnerabilities and Exposures
project identifies the following problems:
For the oldstable distribution (sarge) these problems have been fixed in
version 4.3.10-20.
For the stable distribution (etch) these problems have been fixed
in version 4.4.4-8+etch2.
For the unstable distribution (sid) these problems have been fixed in
version 4.4.6-1. php4 will be removed from sid; thus you are strongly
advised to migrate to php5 if you prefer to follow the unstable
distribution.
We recommend that you upgrade your PHP packages. Packages for the arm,
m68k, mips and mipsel architectures are not yet available. They will be
provided later.
CPE | Name | Operator | Version |
---|---|---|---|
php4 | eq | 6:4.4.4-8+etch1 |