5 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-11144
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing...
Arbitrary Code Execution
php is vulnerable to arbitrary code execution. A buffer over-read flaw was discovered in PHP's gd extension. A script that could be forced to write arbitrary strings using a JIS font from an untrusted source could cause the PHP interpreter to crash...
CVE-2017-11143
In PHP before 5.6.31, an invalid free in the WDDX deserialization of boolean parameters could be used by attackers able to inject XML for deserialization to crash the PHP interpreter, related to an invalid free for an empty boolean element in ext/wddx/wddx.c...
RedHat Update for php53 RHSA-2012:0092-01
Check for the Version of php53 OpenVAS Vulnerability Test RedHat Update for php53 RHSA-2012:0092-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Critical: php
Issue Overview: It was discovered that the fix for CVE-2011-4885 introduced an uninitialized memory use flaw. A remote attacker could send a specially-crafted HTTP request to cause the PHP interpreter to crash or, possibly, execute arbitrary code. Affected Packages: php Issue Correction: Run yum...