27 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-4598
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or...
Debian: Security Advisory (DLA-307-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K17049: PHP vulnerability CVE-2015-4598
Security Advisory Description PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls 1 a DOMDocument save method or 2 t...
Mageia: Security Advisory (MGASA-2015-0258)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1253-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1253-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1544)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PHP 5.6.x < 5.6.10 Multiple Vulnerabilities
According to its banner, the version of PHP 5.6.x running on the remote web server is prior to 5.6.10. It is, therefore, affected by multiple vulnerabilities : - Multiple heap buffer overflow conditions exist in the bundled Perl-Compatible Regular Expression PCRE library due to improper validatio...
SUSE SLES12 Security Update : php5 (SUSE-SU-2015:1253-1)
This security update of PHP fixes the following issues : Security issues fixed : - CVE-2015-4024 bnc931421: Fixed multipart/form-data remote DOS Vulnerability. - CVE-2015-4026 bnc931776: pcntlexec did not check path validity. - CVE-2015-4022 bnc931772: Fixed and overflow in ftpgenlist that result...
F5 Networks BIG-IP : PHP vulnerability (K17049)
PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls 1 a DOMDocument save method or 2 the GD imagepsloadfont function...
PHP < 5.4.42, 5.5.x < 5.5.26, 5.6.x < 5.6.10 Multiple Vulnerabilities (Aug 2016) - Linux
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
CVE-2015-4598
CVE-2015-4598 affects PHP prior to 5.4.42, 5.5.x prior to 5.5.26, and 5.6.x prior to 5.6.10. The issue arises because pathnames may contain a NULL byte (%00), which can allow a remote attacker to read or write arbitrary files when an application calls either a DOMDocument save method or the GD im...
[SECURITY] [DSA 3344-1] php5 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3344-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 27, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3344-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3344-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 27, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3344-1] php5 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3344-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 27, 2015 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3344-1 (php5 - security update)
Multiple vulnerabilities have been discovered in the PHP language: CVE-2015-4598 thoger at redhat dot com discovered that paths containing a NUL character were improperly handled, thus allowing an attacker to manipulate unexpected files on the server. CVE-2015-4643 Max Spelsberg discovered an...
DSA-3344-1 php5 - security update
Bulletin has no description...
SOL17049 - PHP vulnerability CVE-2015-4598
Important: Although the software of the affected F5 products contains the vulnerable code, the affected F5 products do not use the vulnerable code in a way that exposes the vulnerability in a standard configuration. An attacker must have local shell access to the affected F5 products, to trigger ...
CentOS Update for php CESA-2015:1218 centos6
Check the version of php SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882219";...
RedHat Update for php RHSA-2015:1218-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...