31 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-3478
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14,...
SUSE: Security Advisory (SUSE-SU-2014:0938-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2015-2155)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-27-1 : file security update
Fix various denial of service attacks : CVE-2014-3487 The cdfreadpropertyinfo function does not properly validate a stream offset, which allows remote attackers to cause a denial of service application crash via a crafted CDF file. CVE-2014-3480 The cdfcountchain function in cdf.c in does not...
Important: Red Hat Security Advisory: php54-php security update
Updated php54-php packages that fix multiple security issues are now available for Red Hat Software Collections 1. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
PHP 5.6.0 Multiple Vulnerabilities
According to its banner, the version of PHP installed on the remote host is a development version of 5.6.0. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not attempted to exploit this issue but has instead relied only on application's self-reported version number...
Oracle Linux 7 : php (ELSA-2014-1327)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1327 advisory. - gd: fix NULL pointer dereference in gdImageCreateFromXpm. CVE-2014-2497 - gd: fix NUL byte injection in file names. CVE-2014-5120 - fileinfo: fix...
CentOS Update for php CESA-2014:1327 centos7
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
php security update
CentOS Errata and Security Advisory CESA-2014:1327 Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...
Moderate: Red Hat Security Advisory: php security update
Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...
php security update
5.4.16-23.1 - gd: fix NULL pointer dereference in gdImageCreateFromXpm. CVE-2014-2497 - gd: fix NUL byte injection in file names. CVE-2014-5120 - fileinfo: fix extensive backtracking in regular expression incomplete fix for CVE-2013-7345. CVE-2014-3538 - fileinfo: fix mconvert incorrect handling ...
[SECURITY] [DSA 3021-2] file regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3021-2 [email protected] http://www.debian.org/security/ Luciano Bello September 10, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3021-1] file security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3021-1 [email protected] http://www.debian.org/security/ Luciano Bello September 09, 2014 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3021-1 (file - security update)
Multiple security issues have been found in file, a tool to determine a file type. These vulnerabilities allow remote attackers to cause a denial of service, via resource consumption or application crash. OpenVAS Vulnerability Test $Id: deb3021.nasl 6750 2017-07-18 09:56:47Z teissa $ Auto-generat...
openSUSE Security Update : php / php5 / php53 (openSUSE-SU-2014:0925-1)
This update fixes the following security issues with php, php5 and php53 : - bnc884986, CVE-2014-0207: file: php5: cdfreadshortsector insufficient boundary check - bnc884987, CVE-2014-3478: file: mconvert incorrect handling of truncated pascal string size - bnc884989, CVE-2014-3479: php53: file:...
Ubuntu: Security Advisory (USN-2278-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : file vulnerabilities (USN-2278-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2278-1 advisory. Mike Frysinger discovered that the file awk script detector used multiple wildcard with unlimited repetitions. An attacker could use this issue to cause...
USN-2278-1: file vulnerabilities
Mike Frysinger discovered that the file awk script detector used multiple wildcard with unlimited repetitions. An attacker could use this issue to cause file to consume resources, resulting in a denial of service. CVE-2013-7345 Francisco Alonso discovered that file incorrectly handled certain CDF...
Ubuntu: Security Advisory (USN-2276-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware 14.0 / 14.1 / current : php (SSA:2014-192-01)
New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2014-192-01. The text itself is copyright C...