FreeBSD : php -- multiple vulnerabilities (5764c634-10d2-11e6-94fa-002590263bf5)

The PHP Group reports : - BCMath : - Fixed bug 72093 bcpowmod accepts negative scale and corrupts one definition. - Exif : - Fixed bug 72094 Out of bounds heap read access in exif header processing. - GD : - Fixed bug 71912 libgd: signedness vulnerability. CVE-2016-3074 - Intl : - Fixed bug 72061...

Fedora 23 : php-5.6.21-1.fc23 (2016-f1d98cf017)

28 Apr 2016, PHP 5.6.21 Core: Fixed bug 69537 debugInfo with empty string for key gives error. krakjoe Fixed bug 71841 EGerrorzval is not handled well. Laruence BCmath: Fixed bug 72093 bcpowmod accepts negative scale and corrupts one definition. Stas Curl: Fixed bug 71831 CURLOPTNOPROXY applied a...

php -- multiple vulnerabilities

The PHP Group reports: BCMath: Fixed bug 72093 bcpowmod accepts negative scale and corrupts one definition. Exif: Fixed bug 72094 Out of bounds heap read access in exif header processing. GD: Fixed bug 71912 libgd: signedness vulnerability. CVE-2016-3074 Intl: Fixed bug 72061 Out-of-bounds reads ...

Oracle: Security Advisory (ELSA-2015-1219)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory for PHP5 (SUSE-SU-2014:0873-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2015-464)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: php54

Issue Overview: acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. A denial of service flaw was found in the way the File Information fileinfo extension parsed certain...

openSUSE Security Update : php5 (openSUSE-2012-288)

The patch for CVE-2012-1823 was incomplete, this update fixes the remaining bits CVE-2012-2335, CVE-2012-2336 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-288. The text...

Critical: php

Issue Overview: The asn1timetotimet function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse 1 notBefore and 2 notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of...

Amazon Linux AMI : php (ALAS-2012-116)

Unspecified vulnerability in the phpstreamscandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an 'overflow.' C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

Oracle Linux 5 : php (ELSA-2009-0338)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-0338 advisory. - ext/gd: fix overflow2 usage for CVE-2007-3996, CVE-2008-3658 Tenable has extracted the preceding description block directly from the Oracle Linux...

SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6777)

This update fixes CVE-2011-1398 / CVE-2011-4388 header injection via CR. This update also changes the default configuration to use FilesMatch with 'SetHandler' rather than 'AddHandler' to protect weakly written web applications from content confusion. Since this is a hardening measure, no CVE was...

SuSE 10 Security Update : PHP5 (ZYPP Patch Number 8264)

This update changes the default configuration to use FilesMatch with 'SetHandler' rather than 'AddHandler' to protect weakly written web applications from content confusion. Since this is a hardening measure, no CVE was assigned. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text...

CentOS Update for php53 CESA-2012:0547 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for php53 CESA-2012:0092 centos5

Check for the Version of php53 OpenVAS Vulnerability Test CentOS Update for php53 CESA-2012:0092 centos5 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

RHEL 5 / 6 : php (RHSA-2012:0546)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:0546 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the php-cgi executable processe...

SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7375)

php5 was updated to fix several security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVEL 3000 exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid53285; scriptversion"1.7";...

SLES10: Security update for PHP5

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...

Mandrake Security Advisory MDVSA-2009:285 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:285. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...

SLES10: Security update for PHP5

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-modphp5 php5 php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dba php5-dbase php5-devel php5-dom php5-exif php5-fastcgi php5-ftp php5-gd...