Lucene search

K
redhatRedHatRHSA-2012:0092
HistoryFeb 02, 2012 - 12:00 a.m.

(RHSA-2012:0092) Critical: php53 security update

2012-02-0200:00:00
access.redhat.com
29

0.875 High

EPSS

Percentile

98.7%

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server.

It was discovered that the fix for CVE-2011-4885 (released via
RHSA-2012:0019 for php53 packages in Red Hat Enterprise Linux 5) introduced
an uninitialized memory use flaw. A remote attacker could send a specially-
crafted HTTP request to cause the PHP interpreter to crash or, possibly,
execute arbitrary code. (CVE-2012-0830)

All php53 users should upgrade to these updated packages, which contain a
backported patch to resolve this issue. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.