31 matches found
Linux Distros Unpatched Vulnerability : CVE-2010-3870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The utf8decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it...
Oracle: Security Advisory (ELSA-2011-0195)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2010-0919)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
F5 Networks BIG-IP : Multiple PHP vulnerabilities (K13519)
PHP has been cited with the following multiple vulnerabilities, which may be locally exploitable on some F5 products : CVE-2006-7243 PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file...
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:1012-1)
Insufficient handling of certain character sequences in the utf8decode function could be leveraged to conduct cross-site-scripting XSS attacks CVE-2010-3870. php5 could also consume large amounts of memory and crash if a long mail address was passed to filtervar with parmeter FILTERVALIDATEEMAIL...
Scientific Linux Security Update : php on SL4.x, SL5.x i386/x86_64
An input validation flaw was discovered in the PHP session serializer. If a PHP script generated session variable names from untrusted user input, a remote attacker could use this flaw to inject an arbitrary variable into the PHP session. CVE-2010-3065 An information leak flaw was discovered in t...
Scientific Linux Security Update : php on SL6.x i386/x86_64
A flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only...
PHP < 5.3.4 Multiple Vulnerabilities
PHP is prone to multiple vulnerabilities. Copyright C 2012 NopSec Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or...
CentOS Update for php CESA-2010:0919 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Debian Security Advisory DSA 2195-1 (php5)
The remote host is missing an update to php5 announced via advisory DSA 2195-1. OpenVAS Vulnerability Test $Id: deb21951.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2195-1 php5 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:1012-1)
Insufficient handling of certain character sequences in the utf8decode function could be leveraged to conduct cross-site-scripting XSS attacks CVE-2010-3870. php5 could also consume large amounts of memory and crash if a long mail address was passed to filtervar with parmeter FILTERVALIDATEEMAIL...
openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2010:1012-1)
Insufficient handling of certain character sequences in the utf8decode function could be leveraged to conduct cross-site-scripting XSS attacks CVE-2010-3870. php5 could also consume large amounts of memory and crash if a long mail address was passed to filtervar with parmeter FILTERVALIDATEEMAIL...
Debian DSA-2195-1 : php5 - several vulnerabilities
Stephane Chazelas discovered that the cronjob of the PHP 5 package in Debian suffers from a race condition which might be used to remove arbitrary files from a system CVE-2011-0441 . When upgrading your php5-common package take special care to acceptthe changes to the /etc/cron.d/php5 file...
DSA-2195-1 php5 - several
Bulletin has no description...
php security update
5.3.2-6.1 - add security fixes for CVE-2010-3709, CVE-2010-3870, CVE-2009-5016, CVE-2010-4645 670461...
Moderate: Red Hat Security Advisory: php security update
Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : php5 vulnerabilities (USN-1042-1)
It was discovered that an integer overflow in the XML UTF-8 decoding code could allow an attacker to bypass cross-site scripting XSS protections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, and Ubuntu 9.10. CVE-2009-5016 It was discovered that the XML UTF-8 decoding code did not...
Fedora Update for php-eaccelerator FEDORA-2010-18976
Check for the Version of php-eaccelerator OpenVAS Vulnerability Test Fedora Update for php-eaccelerator FEDORA-2010-18976 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Fedora Update for php FEDORA-2010-19011
Check for the Version of php OpenVAS Vulnerability Test Fedora Update for php FEDORA-2010-19011 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for php-eaccelerator FEDORA-2010-18976
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...