Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2005:031
HistoryJan 19, 2005 - 12:00 a.m.

(RHSA-2005:031) php security update

2005-01-1900:00:00
access.redhat.com
36

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.073 Low

EPSS

Percentile

93.4%

JSON

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.

A double-free bug was found in the deserialization code of PHP. PHP
applications use the unserialize function on untrusted user data, which
could allow a remote attacker to gain access to memory or potentially
execute arbitrary code. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-1019 to this issue.

Flaws were found in the pack and unpack PHP functions. These functions
do not normally pass user supplied data, so they would require a malicious
PHP script to be exploited. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2004-1018 to this issue.

A bug was discovered in the initialization of the OpenSSL library, such
that the curl extension could not be used to perform HTTP requests over SSL
unless the php-imap package was installed.

Users of PHP should upgrade to these updated packages, which contain fixes
for these issues.

Related

nessus 22
redhat 3
securityvulns 2
ubuntucve 3
cve 3
openvas 22
f5 2
amazon 2
suse 3
ubuntu 2
veracode 1
freebsd 1
prion 1
centos 1
gentoo 1
rosalinux 1
nessus
nessus
RHEL 2.1 : php (RHSA-2005:031)
2005-01-19 00:00:00
RHEL 4 : php (RHSA-2005:032)
2005-02-22 00:00:00
RHEL 3 : php (RHSA-2004:687)
2004-12-23 00:00:00
redhat
redhat
(RHSA-2005:032) php security update
2005-02-15 00:00:00
(RHSA-2004:687) php security update
2004-12-21 00:00:00
(RHSA-2005:838) php security update
2005-11-10 00:00:00
securityvulns
securityvulns
Advisory 01/2004: Multiple vulnerabilities in PHP 4/5
2004-12-16 00:00:00
PHP security vulnerabilities
2014-12-23 00:00:00
ubuntucve
ubuntucve
CVE-2004-1019
2005-01-10 00:00:00
CVE-2004-1018
2005-01-10 00:00:00
CVE-2014-8142
2014-12-20 00:00:00
cve
cve
CVE-2004-1018
2005-01-10 05:00:00
CVE-2004-1019
2005-01-10 05:00:00
CVE-2014-8142
2014-12-20 11:59:00
openvas
openvas
Gentoo Security Advisory GLSA 200412-14 (PHP)
2008-09-24 00:00:00
SLES9: Security update for PHP4
2009-10-10 00:00:00
SLES9: Security update for PHP4
2009-10-10 00:00:00
f5
f5
K16021 : PHP vulnerability CVE-2014-8142
2015-01-22 00:00:00
SOL16021 - PHP vulnerability CVE-2014-8142
2015-01-22 00:00:00
amazon
amazon
Medium: php55
2015-01-08 11:35:00
Medium: php54
2015-01-08 11:35:00
suse
suse
remote code execution in php4, mod_php4
2005-01-17 17:12:32
Security update for php5 (important)
2015-02-24 11:05:36
Security update for php53 (important)
2016-06-21 13:08:17
ubuntu
ubuntu
PHP vulnerabilities
2004-12-17 00:00:00
PHP4 vulnerabilities
2005-03-18 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:06:10
freebsd
freebsd
php -- multiple vulnerabilities
2004-12-16 00:00:00
prion
prion
Design/Logic Flaw
2014-12-20 11:59:00
centos
centos
php security update
2005-11-10 23:45:48
gentoo
gentoo
PHP: Multiple vulnerabilities
2004-12-19 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.073 Low

EPSS

Percentile

93.4%

JSON
Related for RHSA-2005:031
nessus22redhat3securityvulns2ubuntucve3cve3openvas22f52amazon2suse3ubuntu2veracode1freebsd1prion1centos1gentoo1rosalinux1