De Eindbazen discovered that PHP, when run with mod\_cgi, interprets a query string as command line parameters, allowing execution of arbitrary code. Also, fixes insufficient validation of upload name leading to corrupted $\_FILES indices
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
![]() | Security update for PHP5 (critical) | 9 May 201202:08 | โ | suse |
![]() | Security update for PHP5 (critical) | 9 May 201206:08 | โ | suse |
![]() | Security update for PHP5 (critical) | 9 May 201222:08 | โ | suse |
![]() | update for php5 (critical) | 7 May 201216:08 | โ | suse |
![]() | [SECURITY] [DSA 2465-1] php5 security update | 9 May 201217:23 | โ | debian |
![]() | Debian DSA-2465-1 : php5 - several vulnerabilities | 10 May 201200:00 | โ | nessus |
![]() | SuSE 10 Security Update : PHP5 (ZYPP Patch Number 8114) | 9 May 201200:00 | โ | nessus |
![]() | SuSE 11.1 Security Update : PHP5 (SAT Patch Number 6252) | 25 Jan 201300:00 | โ | nessus |
![]() | SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6251) | 25 Jan 201300:00 | โ | nessus |
![]() | Fedora 15 : maniadrive-1.2-32.fc15.5 / php-5.3.13-1.fc15 / php-eaccelerator-0.9.6.1-9.fc15.5 (2012-7567) | 29 May 201200:00 | โ | nessus |
Source | Link |
---|---|
debian | www.debian.org/security/2012/dsa-2465 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo