5 matches found
Gentoo Security Advisory GLSA 201001-03 (php)
The remote host is missing updates announced in advisory GLSA 201001-03. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
SuSE 11 Security Update : PHP5 (SAT Patch Number 1015)
This update fixes the JSON parser CVE-2009-1271 and the zip packer code CVE-2009-1272 in php5. Both bugs can lead to a remote denial of service attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...
Mac OS X Multiple Vulnerabilities (Security Update 2009-005)
The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2009-005 applied. This security update contains fixes for the following products : - Alias Manager - CarbonCore - ClamAV - ColorSync - CoreGraphics - CUPS - Flash Player plug-in - ImageIO - Launch...
CVE-2009-1272
The phpzipmakerelativepath function in phpzip.c in PHP 5.2.x before 5.2.9 allows context-dependent attackers to cause a denial of service crash via a ZIP file that contains filenames with relative paths, which is not properly handled during extraction...
CVE-2009-1272
The vulnerability CVE-2009-1272 affects PHP 5.2.x prior to 5.2.9. The php_zip_make_relative_path function in php_zip.c can mishandle ZIP entries containing relative paths during extraction, enabling context-dependent attackers to trigger a crash (DoS). Affected component: PHP’s ZIP extraction log...