12 matches found
PHP < 5.2.7 Multiple Vulnerabilities
PHP is prone to multiple vulnerabilities. Copyright C 2012 NopSec Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or...
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 6847)
This update of PHP5 fixes : - CVE-2008-5625: CVSS v2 Base Score: 7.5 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P: Permissions, Privileges, and Access Control CWE-264 CVE-2008-5814: CVSS v2 Base Score: 2.6 LOW AV:N/AC:H/Au:N/C:N/I:P/A:N: Cross-Site Scripting XSS CWE-79 CVE-2009-2626: CVSS v2 Base Score: 6.4...
SuSE 11 Security Update : PHP5 (SAT Patch Number 1978)
This update of PHP5 fixes : - CVE-2008-5624: CVSS v2 Base Score: 7.5 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P : Permissions, Privileges, and Access Control CWE-264 - CVE-2008-5625: CVSS v2 Base Score: 7.5 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P : Permissions, Privileges, and Access Control CWE-264 - Cross-Site...
openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-1993)
This update of php5 fixes: CVE-2008-5624: CVSS v2 Base Score: 7.5 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P: Permissions, Privileges, and Access Control CWE-264 CVE-2008-5625: CVSS v2 Base Score: 7.5 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P: Permissions, Privileges, and Access Control CWE-264 CVE-2008-5814: CVSS v2...
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 6846)
This update of PHP5 fixes : - CVE-2008-5625: CVSS v2 Base Score: 7.5 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P: Permissions, Privileges, and Access Control CWE-264 CVE-2008-5814: CVSS v2 Base Score: 2.6 LOW AV:N/AC:H/Au:N/C:N/I:P/A:N: Cross-Site Scripting XSS CWE-79 CVE-2009-2626: CVSS v2 Base Score: 6.4...
openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-1993)
This update of php5 fixes: CVE-2008-5624: CVSS v2 Base Score: 7.5 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P: Permissions, Privileges, and Access Control CWE-264 CVE-2008-5625: CVSS v2 Base Score: 7.5 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P: Permissions, Privileges, and Access Control CWE-264 CVE-2008-5814: CVSS v2...
openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-1993)
This update of php5 fixes: CVE-2008-5624: CVSS v2 Base Score: 7.5 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P: Permissions, Privileges, and Access Control CWE-264 CVE-2008-5625: CVSS v2 Base Score: 7.5 HIGH AV:N/AC:L/Au:N/C:P/I:P/A:P: Permissions, Privileges, and Access Control CWE-264 CVE-2008-5814: CVSS v2...
Gentoo Security Advisory GLSA 201001-03 (php)
The remote host is missing updates announced in advisory GLSA 201001-03. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
HP-UX Update for Apache Web Server Suite HPSBUX02431
Check for the Version of Apache Web Server Suite OpenVAS Vulnerability Test HP-UX Update for Apache Web Server Suite HPSBUX02431 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Mandriva Linux Security Advisory : php (MDVSA-2009:045)
A number of vulnerabilities have been found and corrected in PHP : improve mbflfiltconvhtmldecflush error handling in ext/mbstring/libmbfl/filters/mbfilterhtmlent.c CVE-2008-5557. Additionally on Mandriva Linux 2009.0 and up the php-mbstring module is linked against a separate shared libmbfl...
Mandrake Security Advisory MDVSA-2009:045 (php)
The remote host is missing an update to php announced via advisory MDVSA-2009:045. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...
CVE-2008-5625
PHP 5 before 5.2.7 is affected by CVE-2008-5625: when safe_mode is enabled via php_admin_flag in httpd.conf, error_log restrictions are not enforced, allowing context-dependent attackers to write to arbitrary files by placing a php_value error_log entry in .htaccess. The vulnerability arises from...